Cybercriminals turned their sights on healthcare organizations in the second quarter of 2022, with a 90% increase in attacks, according to research from Kroll.
The consulting firm believes ransomware groups have ended their “truce” on attacks against healthcare organizations stemming from the Covid-19 pandemic.
Healthcare was the top targeted sector accounting for 21% of all Kroll cases in Q2, compared to only 11% in Q1 2022.
“Historically, healthcare is an attractive target to ransomware groups, as the disruption of critical networks impacting life-saving services may encourage organizations to pay ransom demands,” said Derek Rieck, Associate Managing Director in Cyber Risk.
The most common threat types to impact the healthcare sector were ransomware, followed by unauthorized access and email compromise.
In the ransomware cases, it was common to see a double extortion tactic in which threat actors copy data before encryption and threaten to leak the stolen data during ransom negotiations.
Phishing remained the top access method across all incident types, Kroll observed. However, external remote services such as remote desk protocol increased 700% in Q2. They were most likely to lead to a ransomware event.
According to Kroll, the critical takeaway from Q2 2022 is not to neglect remote services in your cyber strategy.
“As many organizations transition to a hybrid style of working, identifying the vulnerabilities that external remote services present is critical,” said Stephen Green, VP in Kroll’s cyber risk practice. “Now is the time to readdress these environments and build resilience for a longer-term remote strategy.”
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.