Security News > 2022 > August > Ransomware is back, healthcare sector most targeted

In Q2 2022, Kroll observed a 90% increase in the number of healthcare organizations targeted in comparison with Q1 2022, dropping the final nail in the coffin for the "Truce" some criminal groups instituted earlier in the COVID-19 pandemic.

Ransomware helped to fuel this uptick against healthcare as attacks increased this quarter to once again became the top threat, followed closely by email compromise.

Key findings 90% increase in number of healthcare organizations targeted compared to Q1, 2022.

Ransomware incident most likely to begin by an external remote service being compromised in Q2. External remote services as an initial access method for attackers was up 800%, and CVEs were exploited 70% more for initial access in Q2. Conti was associated with only 18% of attacks in Q2 compared with 20% in Q1 and 35% in Q4, while Black Basta rose from 0 to 13% of all incidents in this quarter alone.

"Laurie Iacono, Associate Managing Director for Cyber Risk at Kroll said:"It is concerning to see healthcare rise so dramatically up the most targeted industry list, at a time when services are undoubtedly still under pressure as they recover from the strained environment caused by COVID-19.

"The legacy of the pandemic can perhaps also be seen in the vulnerability of external remote services. In Q2, we saw many ransomware groups take advantage of remote environments by using security gaps in those tools to compromise networks. All organizations - and especially those in healthcare - would do well to test the resilience of their external remote services and preparedness for ransomware in light of this latest report."

News URL

https://www.helpnetsecurity.com/2022/08/15/healthcare-organizations-targeted/