New research has revealed that hackers are now favouring smaller healthcare facilities and hospitals as targets for ransomware attacks, as they are seen to be more likely to pay demands in order to avoid disruption to care.

The latest report compiled by cybersecurity researchers indicates that most successful ransomware-type attacks against the healthcare sector have affected centres and hospitals with 500 or fewer staff members. The intelligence supplied by the researchers also reveals that around 70% of ransomware attacks analysed impacted less sizeable providers, and that attacks have shown a 35% increase from 2016 to 2019.

Ransomware attacks during the COVID-19 outbreak

The current COVID-19 crisis is providing a fertile environment for hackers, with attempts to deploy ransomware on the rise. The research report called the coronavirus outbreak “a perfect storm for cyberattacks.” Researchers examined 127 attacks utilising ransomware over a three-year period to work out how threat actors have adjusted their methods of attack to increase their effectiveness, and to determine methods healthcare providers can use to safeguard patient data.

The researchers noted:

“This digital revolution happened quickly, but with the outbreak of COVID-19, it has suddenly gone into hyperdrive. Almost overnight, workforces and business operations decentralised and were flung around the world, widening the protection gaps and decreasing visibility into their attack surfaces. Cybercriminals are capitalising on coronavirus concerns, which has led to a spike in malicious online activity that we assess will increasingly impact healthcare facilities and COVID-19 responders.”

The researchers found that hackers showed a tendency to target facilities focused on direct patient care. Out of 127 targets under analysis, hospitals and healthcare centres made up 51%, medical practices 24%, and health and wellness facilities 17%.

Targeted attacks on facilities with low-level security

Hackers are targeting these smaller facilities for two main reasons. Firstly, centres with fewer employees have been proven to be more prone to pay, and secondly, they tend to have low levels of security support. Statistics in the research report suggest that three-quarters of small to medium-sized healthcare centres and hospitals do not have a dedicated IT security chief on their staff.

The standard ransom demand is around £47,000, but there are further costs beyond what is paid to the hackers. An earlier research report revealed that such ransomware attacks can also result in around 8% of data being lost and about 10 days’ worth of downtime.

Facilities that fall victim to ransomware attacks by hackers can also face further costs in the form of lawsuits from patients. Hospitals and health centres have an obligation to ensure patient information is kept completely confidential and targeted ransomware attacks represent a dangerous breach in data protection.

Out of the facilities infected with ransomware, only 16% opted to pay the ransom demanded. Law enforcement agencies and tech companies have advised that paying a ransom should always be the last resort, because cybercriminals tend to repeatedly target organisations that show they are willing to pay.

If you’d like to discuss your cybersecurity issues, please get in touch with the team at Galaxkey.

We’d be happy to help.