Ransomware up 3000% since first recorded, now targeting hospitals

In its September 2016 Threat Report, Intel Security describes how ransomware attacks are up 3000 percent since records began in 2012, and why attackers are now turning to the healthcare industry.

Ransomware
Ransomware

Intel Security today released its McAfee Labs Threats Report: September 2016, which assesses the growing ransomware threat to the healthcare industry.

The total number of ransomware samples overall has seen a sharp rise of 127 percent in the past year, taking the total number of ransomware samples to a staggering 7.3 million.

Speaking to a group of journalists in central London, Raj Samani, EMEA CTO for Intel Security, highlighted that the computer malware, designed to hold victims to financial ransom over their data, has risen by over 3000 percent since it was first recorded in 2012.

The report attributes the growth of this style of threat is in part due to the lucrative nature of such attacks.

In the first half of 2016, Intel Security's researchers identified a ransomware author and distributor who appeared to receive US $121 million worth of bitcoin (BTC 189,813) in payments from ransomware operations targeting a variety of sectors.

According to Intel Security the healthcare sector is under particular threat, with this industry experiencing over 20 data loss incidents per day.

Intel Security identified nearly $100,000 in payments from hospital ransomware victims to specific bitcoin accounts so far this year.

Following a rash of targeted ransomware attacks upon hospitals in early 2016, Intel Security investigated the attacks, the ransomware networks behind them, and the payment structures enabling cyber-criminals to monetise their malicious activity.

While healthcare is still clearly a small proportion of the overall ransomware ‘business,' McAfee Labs expects a growing number of new industry sectors to be targeted by the extensive networks launching such attacks.

Samani attributed this rise in ransomware attacks on hospitals and the attack on medical data to the fact that, “the data is not perishable, as opposing to credit cards which can be replaced.”

The research team attributes the increased focus on hospitals to such organisations' reliance on legacy IT systems, medical devices with weak or no security, third-party services that may be common across multiple organisations, and hospitals' need for immediate access to information to deliver the best possible patient care.

Samani told SCMagazineUK.com: “Day-to-day ransomware attacks on computer devices are fast becoming the norm – and attackers are starting to target sectors such as healthcare, which have historically suffered fewer data breaches and as such have tended to focus less on security.

“The next phase of ransomware will see this form of attack creeping into our everyday devices. Ransomware in connected cars and smart devices has been proven in concept and it's only a matter of time before we see instances of people left helpless, unable to drive their cars or use their home appliances unless they pay up a ransom. This is the shape of the future – devices we wouldn't normally perceive as computers being held to ransom by cyber-criminals for financial gain.

“In order to undermine the growing sophistication of ransomware, we need to stay one step ahead – moving security measures beyond traditional devices, to ensure consumers and businesses are protected across every network and have the tools in place to correct systems if an attack is detected.”