Report: Healthcare cyber-attacks spike

January 6, 2021
Keith A. Reynolds

Cyber-attacks are up 45 percent worldwide since Nov. 1.

Nefarious actors ramped up their cyber-attacks on healthcare institutions as 2020 came to an end.

According to a report from Check Point Software Technologies LTD, there has been a 45 percent increase in cyber-attacks targeting healthcare organizations globally since the beginning of November, which is more than double the increase in cyber-attacks across all other industries worldwide in the same period of time.

While the attacks involved a variety of methods, ransomware has shown the largest increase and is the biggest threat to healthcare organizations, according to the report.

An October alert from the Cybersecurity & Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS), said that the agencies have credible information about an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. They believe that the goal is to spread the Ryuk ransomware for financial gain.
The same malware is believed to have been used against Universal Health Services in September.

According to a report from Wired, hospital personnel say that they have moved to an all-paper system due to the attack which has left patients being rerouted to other emergency departments and waiting for appointments and test results.

The attack was undertaken overnight in an effort to encrypt and lock down as many systems as possible. Screens at facilities in California, Florida, Texas, Arizona, and Washington D.C. were changed to display a ransom message, according to Bleeping Computer, which first reported the attack.

The Check Point Report speculates that these ransomware attacks are bringing the hackers cash windfalls which is making them hungrier for more and the world’s healthcare system’s preoccupation with the COVID-19 pandemic has made the industry a prime target.

The report gives some tips to prevent ransomware and phishing attacks. They include:

  • Look for trojan infections – Most ransomware attacks start with an initial infection with a trojan which can occur days or weeks before the ransomware attack.
  • Raise your guard on weekends and holidays – Most ransomware attacks occur when IT and security staff are out of the office.
  • Educate employees about malicious emails – Training them to identify and avoid possible ransomware attacks is critical as many attacks start with a targeted phishing email which doesn’t contain the malware.