Showing posts with label Ransomware. Show all posts
Showing posts with label Ransomware. Show all posts

Thursday, November 21, 2024

Two-Thirds of Healthcare Organizations Hit by Ransomware – A Four-Year High, Sophos Survey Finds

Nearly 80% of Organizations Hit by Ransomware Took More than a Week to Recover 

Sophos, a global leader of innovative security solutions for defeating cyberattacks, recently released a sector survey report, “The State of Ransomware in Healthcare 2024,” which revealed that the rate of ransomware attacks against healthcare organizations has reached a four-year high since 2021. Of those organizations surveyed, two-thirds (67%) were impacted by ransomware attacks in the past year, up from 60% in 2023. The rising rate of ransomware attacks against healthcare institutions contrasts with the declining rate of ransomware attacks across sectors; the overall rate of ransomware attacks fell from 66% in 2023 to 59% in 2024.

Alongside an increase in the rate of ransomware attacks, the healthcare sector reported increasingly longer recovery times. Only 22% of ransomware victims fully recovered in a week or less, a considerable drop from the 47% reported in 2023 and 54% in 2022. In addition, 37% took more than a month to recover, up from 28% in 2023, reflecting the increased severity and complexity of attacks.

“While we’ve seen the rate of ransomware attacks reach a kind of “homeostasis” or even declining across industries, attacks against healthcare organizations continue to intensify, both in number and scope. The highly sensitive nature of healthcare information and need for accessibility will always place a bullseye on the healthcare industry from cybercriminals. Unfortunately, cybercriminals have learned that few healthcare organizations are prepared to respond to these attacks, demonstrated by increasingly longer recovery times. These attacks can have immense ripple effects, as we’ve seen this year with major ransomware attacks impacting the healthcare industry and impacting patient care,” said John Shier, field CTO, Sophos.

“To combat these determined adversaries, healthcare organizations must adopt a more proactive, human-led approach to threat detection and response, combining advanced technology with continuous monitoring to stay ahead of attackers.”

Additional findings from the report include:

Ransom Recovery Costs Surge: The mean cost of recovery in a healthcare ransomware attack was $2.57 million in 2024, up from $2.2 million in 2023 and double the 2021 cost 

Ransom Demands vs Payments: 57% of healthcare institutions that paid the ransom ended up paying more than the original demand

Root Cause of Attack: Compromised credentials and exploited vulnerabilities were tied for the number one root cause of attack, each accounting for 34% of attacks

Backups Targeted: 95% of healthcare organizations hit by ransomware in the past year said that cybercriminals attempted to compromise their backups during the attack.

Increased Pressure: Organizations whose backups were compromised were more than twice as likely to pay the ransom to recover encrypted data (63% vs. 27%)

Who Pays the Ransom: Insurance providers are heavily involved in ransom payments, contributing in 77% of cases. 19% of total ransom payment funding comes from insurance providers 

The latest Sophos report on real-world ransomware experiences explores the full victim journey, from attack rate and root cause to operational impact and business outcomes, of 402 healthcare organizations. The results for this sector survey report are part of a broader, vendor-agnostic survey of 5,000 cybersecurity/IT leaders conducted between January and February 2024 across 14 countries and 15 industry sectors.

Learn More About Ransomware

Turning the screws: The pressure tactics of ransomware gangs 

The State of Ransomware 2024

The effect of cyber insurance on the ransomware landscape 

The role of law enforcement in ransomware attacks

The role of unpatched vulnerabilities in ransomware attacks 

How often companies’ backups are compromised during ransomware attacks 

The rise of remote encryption among ransomware groups

Ransomware attackers targeting managed service providers (MSPs) in the 2024 Sophos Threat Report: Cybercrime on Main Street

The latest techniques, tactics and procedures (TTPs) of cyber attackers in the Active Adversary Report for 1H 2024 

The evolving ransomware business model in Junk Gun’ Ransomware: Peashooters Can Still Pack a Punch

Sophos X-Ops and its groundbreaking threat research by subscribing to the Sophos X-Ops blogs

Read the full State of Ransomware in Healthcare 2024 report on Sophos.com for additional global findings and data by sector.

Tuesday, August 13, 2024

Ransomware Groups Weaponize Stolen Data to Increase Pressure on Targets Who Refuse to Pay, Sophos Report Finds

Sophos, a global leader of innovative security solutions for defeating cyberattacks, recently released a new dark web report, “Turning the Screws: The Pressure Tactics of Ransomware Gangs,” which details how cybercriminals are weaponizing stolen data to increase pressure on targets who refuse to pay. This includes sharing the contact details or doxing the family members of targeted CEOs and business owners, as well as threatening to report any information about illegal business activities uncovered in stolen data to the authorities. 

In the report, Sophos X-Ops shares posts found on the dark web that show how ransomware gangs refer to their targets as “irresponsible and negligent,” and in some cases, encourage individual victims whose personal information was stolen to pursue litigation against their employer.

Wednesday, March 29, 2023

Ransomware Attacks in the Philippines surge by almost 60% in 2022, New Report from Palo Alto Networks Unit 42 Finds

The report reveals insights into the latest tactics of ransomware gangs; financial, geographical, and industry impacts based on data gathered from Unit 42 investigations.

Palo Alto Networks found that ransomware and extortion cases in the Philippines increased by 57.4% in 2022 with 11 reported cases across key sectors. Threat actors are utilizing more aggressive tactics to pressure organizations, with harassment being involved 20 times more often than in 2021, according to Unit 42™ incident response cases. 

Featured Post

HUAWEI ranked first in IDC’s Global Wearables Market for First Three Quarters of 2024

HUAWEI has been ranked first in IDC’s Global Wearable Device Market Quarterly Tracking report for global shipments in the first three quarte...