Security report: Nearly 90 percent of ransomware attacks target healthcare

Chris Nerney
Chris Nerney, Contributing Writer |

Healthcare organizations have become the overwhelming targets of choice for ransomware criminals, accounting for 88 percent of all ransomware detections across U.S. industries in recent months, according to the Security Engineering Research Team (SERT) Quarterly Threat Report for Q2 2016 from cybersecurity technology and services vendor NTTSecurity.
The reason healthcare organizations have become a primary target for ransomware attacks, the report said, is “because the industry has often paid the ransom.”
“When executing a disaster recovery plan (DRP), it is important to recover systems as quickly as possible for business continuity,” the SERT report said. “However, when dealing with human lives whose treatment depends on those systems, paying a few thousand dollars is often the preferred choice. This tends to increase attackers’ targeting of healthcare networks with ransomware.”
But willingness to pay a ransom isn’t the only factor that makes healthcare a favorite ransomware target, the report said:
Healthcare organizations use an abundance of systems and IoT (Internet of Things) devices which can become crucial pivot points for an attacker or can even be victims of ransomware themselves. Ransomware strains are common on mobile devices, servers, personal computers and more, but will inevitably become more common on IoT devices in homes.
The education industry was the second-favorite target for ransomware in Q2, though at a very distant 6 percent, followed by the finance sector at 4 percent.
Even going beyond ransomware to include all cyber attacks, healthcare was a top target in Q2, attracting 17 percent of all attacks and trailing only the retail sector at 18 percent.
Air Max 1 Master