The FBI has recently warned of a spate of cyberattacks and data extortion efforts by the Hive ransomware group, particularly focusing on the health and public health sectors. Hive actors have successfully exploited more than 1,300 companies globally, just this year, receiving approximately $100 million in ransom pay-out.
Comparitech recently released some related research looking at the true cost of ransomware on healthcare organisations over the past 4 years. It highlights how the ransomware pandemic is only getting worse, and how threat-actors have targeted healthcare organisations specifically, aware of the fact that any downtime could cost lives (in the worst-case scenario.) The research showed that:
- The majority of attacks aimed to stop processes, interrupt services and cause disruption as opposed to stealing data.
- 330 individual ransomware attacks were conducted on government organisations, with 2019 seeing the highest number (35 % of all attacks)
- 523,942 individuals records were affected between 2018 and 2022.
- Ransomware amounds varied from $1,000 to $5.3 million
- Hackers received $5 million in payments from 27 of 72 cases.
- On average, government organisations lost 17 days to downtime.
- The overall cost of these attacks was estimated to be $70.4 billion.
These stats underline the urgency of implementing sufficient security measures to protect the business and patients. It’s no longer a matter of ‘if’ an organisation will be attacked but a ‘when’.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.