Complex Made Simple

Ransomware not slowing down and healthcare a prime target

According to a Symantec Security Summary, So much for ransomware being relegated to the status of a nuisance threat. Big corporate and government targets are still under attack from ransomware attackers - and the threats are mounting.

There is an uptick in ransomware attacks against health care organizations, industrial companies, and the transportation sectors More than 3,054 healthcare data breaches between 2009 and 2019 exposed 230,954,151 healthcare records Healthcare facilities hit by a data breach or ransomware take an extra 2.7 minutes to respond to a patient

The latest: A large foreign currency exchange was forced to suspend service for a couple of weeks following a malware infection on December 31. More recently, an aerospace manufacturing company got hit in a data exfiltrating ransomware attack where some stolen files were published by the group behind the attack. And a Canadian government entity was attacked, leading to the posting of internal documents.

The Symantec Security Summary said the FBI’s warning last fall turned out to be prescient; at the time, the agency said it expected an uptick in ransomware attacks against “health care organizations, industrial companies, and the transportation sector as criminals look to pull off bigger heists by targeting larger corporate targets.

If you ever wanted to come up with a fitting name for the “bad guy” in a James Bond film, you’d be hard-pressed to do better than “Evil Corp.” That’s the moniker for the infamous Russian hacker group, which is believed to have ripped off online banking victims to the tune of $100 million plus over the last decade. Their preferred MO is to use email phishing campaigns to inject the Dridex malware that can use a variety of techniques to steal passwords, or create phony banking pages to fool a target into entering their credentials.

Report: Cyber criminals are increasingly turning to ransomware as a secondary source of income

But Evil Corp. isn’t the only worry for the financial sector. Banks and financial services companies are also being targeted by a group known as TA505, which has reportedly been targeting multiple banks and insurance organizations around the globe. Over the years, TA505 has carried out malicious spam campaigns distributing instances of the Dridex banking Trojan, Locky ransomware, Jaff ransomware, The Trick banking Trojan, and several others. In its latest burst of activity, TA505 has been identified as using HTML redirectors to deliver malicious Excel documents. Further, the group has demonstrated its adaptability, shifting tactics to carry out its felonious activities. One best practice to follow that can help mitigate your risk: Be extra-careful about clicking on Excel spreadsheets you didn’t ask for and don’t enable content on any document that’s not trusted.

Read: Local government and the enduring scourge of ransomware

ReadSophos uncovers new version of Snatch ransomware

Healthcare hazards

Key stats: More than 3,054 healthcare data breaches between 2009 and 2019 involving more than 500 records resulted in the loss, theft, exposure, or impermissible disclosure of 230,954,151 healthcare records. 

When it comes to healthcare, cyber security remains a proverbial work in progress. Despite increases in budgets and staffing, breaches and security incidents continue to climb with 2019 seeing more reported data breaches than any other year since records first started being published, with healthcare data breaches reported at a rate of 1.4 per day. Separately, a recent Ponemon study flagged healthcare as having highest the costs associated with data breaches at $6.45 million – over 60% more than the global average of all industries. And that’s for the 9th consecutive year.

A recent study by Vanderbilt University’s Owen Graduate School of Management found that it takes healthcare facilities hit by a data breach or ransomware an extra 2.7 minutes to respond to a patient with a suspected heart attack. This could result in as many as 36 additional deaths per 10,000 heart attacks that occur each year. The study also found that at least 10% of the more than 3,000 Medicare-certified hospitals of the on the US’ Department of Health and Human Services (HHS) list were hit by a cyberattack.

 Then there’s the WannaCry ransomware cryptoworm, which hit the NHS hard in 2017. Appropriate security patches had previously been pushed out but remained ineffective without machine reboots. The clean-up cost? Around £92 million.