October 26, 2022

Healthcare sector has been victim to 25% of ransomware attacks in 2022

By: Bridget Brown

Editor's Note

According to data from the FBI, just in 2022, 25% of ransomware attacks have been directed at the healthcare sector, Becker’s Health IT October 26 reports. Common Spirit Health, one of the largest nonprofit hospital systems in the US, is the latest reported victim to a ransomware attack, which occurred in October, according to Becker's. The attack forced records and payroll systems to go offline at many of its facilities across the US.

This year saw the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and Department of Health and Human Services issue several cybersecurity alerts warning the healthcare industry of potential threats, many of which were covered by OR Manager.

The latest alert was issued on October 21 and concerns the Daixin Team, "a cybercrime group that is actively targeting US businesses, predominantly in the Healthcare and Public Health (HPH) Sector, with ransomware and data extortion operations." In the same alert, the FBI and Internet Crime Complaint Center (IC3) noted that the healthcare sector had more reports of ransomware attacks than any other industry in 2021, accounting for 148 out of 649 attacks.

OR Manager also reported in 2021 that cybersecurity threats targeting healthcare directly impact patient safety. The healthcare industry is the most vulnerable to cybersecurity attacks and often has the most to lose. Protecting healthcare systems from cyberattacks is a main priority, the latest alert noted, and CISA and the White House continue to make contingency plans and release resources to strengthen systems.

In the most recent alert, the agencies recommend that healthcare facilities take the following actions to mitigate cyber threats from ransomware:

  • Install updates for operating systems, software, and firmware as soon as they are released.
  • Require phishing-resistant multifactor authentication for as many services as possible.
  • Train users to recognize and report phishing attempts.

Live chat by BoldChat