Ransomware accounted for 72% of healthcare malware attacks in 2016

Two new reports from Symantec and Verizon say hackers are using ransomware and phishing attacks to target the industry.
By Jessica Davis
08:54 AM
Share
Ransomware accounted for 72% of healthcare malware attacks in 2016

Of all the 2016 malware attacks on the healthcare industry, 72 percent were caused by ransomware, according to the Verizon 2017 Data Breach Investigations Report released Thursday.

The results may not surprise you, since the healthcare industry is one of the most targeted in the United States. Ransomware is one of its biggest threats, as hackers know how crucial data is to daily hospital operations. Therefore, many will pay to avoid disruption.

[Also: Ransomware rising, but where are all the breach reports?]

Ransomware attacks have doubled in frequency across all industries and are now the fifth most common specific malware variety, the Verizon report found. The healthcare industry was the second-most targeted industry at 15 percent of incidents, just behind the financial sector that had 24 percent of total incidents in 2016.

“Healthcare has the unenviable task of balancing protection of large amounts of personal and medical data with the need for quick access to practitioners,” the report authors wrote.

The report analyzed more than 2,000 breaches from 2016 and found that over 300 were related to espionage -- 62 of which stemmed from phishing emails. The healthcare industry was hit with 458 incidents, and 286 of these included improper data disclosure.

The virus first made its mark in February with the attack on Hollywood Presbyterian, which caused the organization to declare an internal emergency and pay the hackers $17,000 to regain control of its systems.

[Also: Locky ransomware is back, but with a new twist]

An April 24 Symantec report had similar findings: The number of detections of ransomware increased by 36 percent during 2016, from 340,000 in 2015 to 463,000 during 2016. The daily rate of antivirus detections for ransomware also increased during 2016, averaging at approximately 846 per day at the beginning of the year and rising to more than 1,539 a day by the end of the year.

While antivirus detections of ransomware were just a small percentage of the overall number of attacks, the notable uptick in detections during the year suggests that ransomware activity increased during 2016.

The same report found that one in 131 emails contained a malicious link or attachment -- the highest rate in five years.

One factor that may have caused the ransomware spike last year was the introduction of Ransomware-as-a-Service. Here, criminal developers create ransomware kits that can be used to create and customize new ransomware variants tailored to a specific target. Developers provide kits to hacks in exchange for a percentage of proceeds.

“Cyberattacks targeting the human factor are still a major issue,” Bryan Sartin, Verizon Enterprise Solutions executive director of Global Security Services said in a statement. “Cybercriminals concentrate on four key drivers of human behavior to encourage individuals to disclose information: eagerness, distraction, curiosity and uncertainty. And as our report shows, it is working, with a significant increase in both phishing and pretexting this year.”

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com


Like Healthcare IT News on Facebook and LinkedIn