Cyber-attacks on global healthcare organisations increased at more than double the rate of those targeting other sectors in the last two months of 2020.
The latest data from security vendors covers the period from the beginning of November to the end of 2020, and compares it with the previous two months (September-October).
It revealed a 45% increase in attacks on the healthcare sector, versus less than half this figure (22%) for all other sectors. November was particularly bad, with the healthcare sector suffering 626 weekly attacks on average per organisation, compared with 430 in the previous two months.
Although the attacks span a variety of categories — including ransomware, botnets, remote code execution and DDoS — perhaps unsurprisingly, it is ransomware that displayed the largest increase overall and poses the biggest threat.
In fact, financially motivated cybercriminals have been going after the healthcare sector since the start of the COVID-19 crisis, well aware that hospitals and clinics are distracted with the huge surge in cases coming through their doors.
In April, Microsoft revealed how these groups are increasingly using more tactics to gain a foothold in networks, perform lateral movements and credential theft, and exfiltrate data before deploying their ransomware payload.
Central Europe experienced the biggest rise in cyber-attacks on its healthcare sector during the period (145%), followed by East Asia (137%) and Latin America (112%).
Europe recorded a 67% increase, although Spain saw attacks double and Germany recorded a 220% surge. Although North America (37%) saw the smallest rise regionally, Canada experienced the biggest increase of any country, at 250%.
Last year, a number of hospital networks across the globe were successfully hit with ransomware attacks, making cybercriminals hungry for more.
Furthermore, the usage of Ryuk ransomware emphasises the trend of having more targeted and tailored ransomware attacks rather than using a massive spam campaign. This allows the attackers to make sure they hit the most critical parts of the organisation and have a higher chance of getting their ransom paid.
Virtual patching, employee education and being on guard at weekends, when attackers often strike, are crucial tools in the fight against cybercriminals.
_____
Aquest apunt en català / Esta entrada en español / Post en français