Cyber attacks targeting healthcare organizations have spiked by 45% since November 2020 as COVID-19 cases continue to increase globally.
The average number of weekly cyber attacks in the healthcare sector reached 626 per organization in November as opposed to 430 the previous month, with attack vectors ranging from ransomware, botnets, remote code execution, and distributed denial-of-service attacks.
Ransomware attacks against hospitals also marked their biggest jump, with Ryuk and Sodinokibi emerging as the primary ransomware variants employed by various criminal groups.
The usage of Ryuk emphasizes the trend of having more targeted and tailored ransomware attacks rather than using a massive spam campaign, which allows the attackers to make sure they hit the most critical parts of the organization and have a higher chance of getting paid,” Omer Dembinsky, Check Point’s manager of data intelligence, said.
Central Europe topped the list of regions impacted by the increase in attacks against healthcare organizations with a 145% uptick in November, followed by East Asia and Latin America.
” The alert cautioned of adversaries targeting the Healthcare and Public Health sector with TrickBot and BazarLoader malware, resulting in ransomware infections, data theft, and the disruption of healthcare services.
Over the past two months, state-sponsored actors have ramped up their cyber assaults against government health ministries and companies involved in COVID-19 vaccine distribution, not to mention staging ransomware attacks on pharmaceutical firms such as Dr. Reddy’s Laboratories that are engaged in vaccine trials.
Ransomware cases, in particular, have capitalized on the coronavirus pandemic, not least because it boosts the likelihood that hospitals will meet attackers’ demands to quickly recover access to critical systems and provide care to patients.
The University of California paid the hackers 116 bitcoin after a NetWalker attack on its systems back in June.
“Medical services and research organizations targets for attacks seeking to steal valuable commercial and professional information, or to disrupt vital research operations,” the researchers concluded.
Mitigation for Cyber attacks
Regular Scanning of all components of software
Focussing on cybersecurity