As many as 1,981 schools, 290 hospitals, 105 local governments, and 44 universities and colleges were hit with ransomware in the US alone in 2022, showing ransomware attacks. extortion remains a significant cyber threat to the public sector and civil society.
Figures on the number of government, educational and healthcare organizations hacked ransomware attack was detailed by cybersecurity researchers at security firm Emsisoftwho analyzed disclosure statements, press reports, and information posted on the dark web.
But the figures suggest that the true impact of ransomware could be much higher because the data is largely based on publicly available reports — and many victims of ransomware attacks do not disclose incidents publicly.
In total, 105 state and city government agencies disclosed that they were affected by ransomware attacks that encrypt files and servers in 2022, up from 77 in 2021 when there were 77 ransomware attacks. The reported attack was aimed at the government.
The researchers suggest that much of the increase in reported ransomware attacks targeting local governments can be linked to a single incident in Miller County, Arkansas, where a mainframe breach resulted to malware that spread to endpoints in 55 different counties.
Data was stolen by cybercriminals in just over a quarter of reported incidents — although Emsisoft notes that excluding the Arkansas incident, more than half of the attacks involved data. whether stolen.
Cybercriminals ransomware steal data in a technique known as double blackmailwhere they will threaten to reveal the stolen information if the ransom is not paid.
Also: The real cost of ransomware is even greater than we realize
Of the local government agencies hit by ransomware in 2022, only one is known to have paid a ransom of up to $500,000. The largest ransom demand made by attackers against a government organization demanded $5 million — unpaid.
Education remains the main target of cybercriminal ransomware groupswith 89 educational institutions reporting ransomware attacks in 2022 — one more than 88 attacks in 2021.
However, the number of schools affected by the attackers nearly doubled in a year. In 2021, ransomware reached a total of 1,043 schools, while the number of attacks in 2022 was 1,981.
In total, 45 school districts were reported to have been victims of ransomware attacks, while 44 colleges and universities were also attacked with ransomware. Data was stolen in 65% of incidents against education in 2022, compared with 50% the year before. According to Emsisoft, at least three victims have paid ransom demands for the decryption key, with one known to cost $400,000.
Hospitals have long been the target of ransomware attacks because many cybercriminals see them as easy targets due to an unfortunate combination: hospitals need their systems up and running to treat patients but many hospital networks still rely on legacy software, often not Supported.
Attacks continue into 2022, with 25 incidents targeting hospitals and multi-hospital health systems, affecting patient care at 290 hospitals, with data, including Health information is protected, stolen in 68% of reported incidents.
Ransomware attacks hospitals can cause significant disruption to the patientpeople having surgery and rescheduled appointments, while ambulances have to be diverted to other hospitals — and the impact of the hospital ransomware attack can have long-term consequences.
“While immediate disruption to critical services poses the most obvious risk to patients, outcomes can also be affected in the long-term due to the effects of procedures or treatments. delayed may not be apparent until weeks, months or even years after the event.” says Emsisoft’s blog post.
Also: Ransomware: Why it’s Still a Big Threat and Where the Gangs Go Next
Overall, the number of ransomware attacks reported in 2022 remains similar to the number reported in 2021.
However, the figures only take into account the public sector as the private sector has no obligation to publicly disclose incidents, so it is difficult to get a realistic picture of the full scale of the attacks. ransomware and the disruption they cause.
This means more organizations will be disrupted by ransomware than the numbers indicated in this report, the researchers said.
While ransomware remains a significant cyber threat, actions can be taken by organizations to help them avoid falling victim to attacks or reduce the impact of an incident.
This includes apply security patches and updates as soon as possible to prevent cybercriminals from exploiting known vulnerabilities and introducing ransomware into the network.
User accounts also need to be secured with multi-factor authenticationso that in case usernames and passwords are stolen, It’s harder for an attacker to abuse stolen credentials to gain access to a network.
Organizations should also ensure that Backups are regularly updated and they are stored offlineso even in the event of a ransomware attack, it’s still possible to restore the network without being subject to ransom demands by criminals.
MORE ABOUT NETWORK SECURITY
