#Ransomware targeting #health #systems in more ‘sophisticated’ ways

Source: Ransomware targeting health systems in more ‘sophisticated’ ways. Alerts from federal agencies, cybersecurity companies and information-sharing groups help chief information security officers stay up-to-date on emerging threats, but chasing new variants of ransomware is a never-ending job.

Sometimes, ransomware can feel like the flu. As soon as hospitals find a defense, a new and more sophisticated version appears—making it difficult for hospital leaders to keep up.

Cryptic names like WannaCry, Petya and SamSam—all variants of ransomware—have become common points of discussion in healthcare. But while those ransomware campaigns targeted businesses across industries, it’s becoming more prevalent to see hackers tailor their approaches within the healthcare industry, finding new technical vulnerabilities to exploit at specific hospitals and more closely customizing the phishing emails that deploy malware.

In 2018, healthcare organizations were the fourth most-common target for ransomware attacks, comprising 7% of attacks overall, after the technology (28%), consumer goods (15%) and manufacturing (11%) industries, according to a report released last year by Cylance, a cybersecurity company that BlackBerry acquired in 2019.

But the company’s researchers last year noticed an uptick in the sophistication of attacks targeting specific industries, particularly in healthcare and local governments, said Josh Lemos, vice president of research and intelligence at BlackBerry Cylance.

Because of the potential disruption to patient care, “hospitals and patient-serving environments” are more likely to pay, he added.

John Riggi, the American Hospital Association’s senior adviser for cybersecurity and risk, said he’s also noticed an increase in the “sophistication and severity” of ransomware attacks against healthcare organizations.

“They now appear to be highly targeted and highly specific attacks against specific hospitals,” he said.

In healthcare, ransomware accounted for more than 70% of all malware—”malicious software”—attacks, according to a data breach report Verizon released last year. Ransomware attacks can come with a hefty price tag for their victims, with hackers demanding thousands to millions of dollars in exchange for decrypting an organization’s computer files.

To read more… Ransomware targeting health systems in more ‘sophisticated’ ways.