Ransomware continues to be a popular tool deployed by criminals, as events increased by 13% in 2021, according to Verizon’s 2022 Data Breach Investigations Report.
The Verizon report said that the 13% rise in ransomware in 2021 represented “an increase as large as the last five years combined.”
Healthcare organizations remain a favored target for criminals. In a separate survey, IT security company Sophos says ransomware attacks against healthcare organizations nearly doubled between 2020 and 2021.
The researchers wrote that the rise in attacks demonstrates “that adversaries have become considerably more capable at executing the most significant attacks at scale.”
However, there’s a silver lining.
“In the face of this near-normalization, healthcare organizations have gotten better at dealing with the aftermath of an attack: virtually everyone now gets some encrypted data back and nearly three quarters are able to use backups to restore data,” the Sophos, “The State of Ransomware in Healthcare 2022” report said.
While malicious malware comes in a variety of different flavors, the way ransomware makes its way into computer systems is not as diverse. According to Verizon’s data breach report, 40% of ransomware incidents involved using Desktop sharing software, while 35% involved using Email.
Although errors in system misconfiguration, particularly in cloud storage, contributed to breaches, the human element was the main driver of data breaches, Verizon found.
In 2021, 82% of breaches involved the human element. “Whether it is the use of stolen credentials, phishing, misuse or simply an error, people continue to play a very large role in incidents and breaches alike,” the firm said.
However, Verizon did see some progress on phishing attacks. Fewer people are clicking on phishing lures over time.
“While only 2.9% of employees may actually click on phishing emails, a finding that has been relatively steady over time, that is still more than enough for criminals to continue to use it,” Verizon said.
Verizon drew upon data from 87 contributors including Coalition, Chubb, Crowdstrike, BitSight, and more. Read Verizon’s full Data Breach Investigation Report here.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.