Categories: SecurityWorkspace

Pandemic Sees Surge In Healthcare Ransomware Attacks

Cyber-attacks on healthcare organisations skyrocketed in 2020, with the surge showing no signs of abatement, as opportunistic criminals looked for ways to exploit the Covid-19 crisis, researchers said.

VMware Carbon Black said there were 239.4 million attempted cyberattacks targeting its healthcare customers, with an average of 816 attempted attacks per endpoint, a 9.851 percent increase over 2019.

The surge in attacks began in February, just as the pandemic began to spread worldwide, and peaked with an 87 percent increase from September to October.

Carbon Black cybersecurity strategist Rick McElroy said the pandemic had given hackers “limitless attack methods” against healthcare organisations.

Healthcare targeted

The increase in demand for ransomware tools to carry out attacks has led to a surge in affiliate programmes over the past year, where programmers provide their attack code in exchange for a cut of any profits.

This trend saw the return of Cerber, a ransomware-as-a-service (RaaS) tool that was widely used in 2017 but had since been eclipsed by other malware.

Cerber was the single most widely deployed ransomware family deployed against Carbon Black’s healthcare customers in 2020, used in 58 percent of attempted attacks, followed by Sodinokibi, VBCrypt, Cryxos and VBKrypt.

McElroy said the figures showed the “rapid rate” at which the strain could be licensed and used against targets.

Insider attacks

Carbon Black said attackers have turned to novel methods for deploying malware against health providers, such as recruiting insiders with direct access to high-value targets to facilitate infections in return for large sums or a percentage of the payout.

The hacking opportunities created by the pandemic have also seen partnerships in which hackers work with criminals who specialise in breaking into organisations and then sell access to other ransomware gangs.

“The FBI, Department of Homeland Security (DHS), and other federal agencies have all issued warnings about the surge in cyberattacks against healthcare organisations,” McElroy noted in an advisory.

Countermeasures

The company said hacks against healthcare providers are continuing to pick up steam, with Covid-19 test results currently a popular target for theft, later to be resold on hacker forums.

Carbon Black urged healthcare organisations can take the opportunity of the pandemic to ensure proper security controls are in place as new technology is implemented to support remote work, remote patient care and other services.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago