Skip to content Skip to navigation

Report: 88 Percent of All Ransomware Is Detected in Healthcare Industry

July 27, 2016
by Heather Landi
| Reprints
Click To View Gallery

As many healthcare information security leaders already know, healthcare organizations continue to be a target for hackers, and new research confirms that industry leaders have cause for concern.

A report from Omaha, Neb.-based Solutionary, a cybersecurity service provider, found that 88 percent of all ransomware detected in the second quarter of 2016 was within the healthcare industry.

“Healthcare has been a target for ransomware campaigns because the industry has often paid ransom to retrieve vital customer data quickly. Furthermore, healthcare organizations use an abundance of systems and devices that are crucial pivot-points for an attacker, and they can even be victims of ransomware themselves,” Rob Kraus, director of research at Security Engineering Research Team, Solutionary, said in a statement.

For its Security Engineering Research Team (SERT) Quarterly Threat Report for Q2 2016, Solutionary SERT performed a broad analysis of the threat landscape and researchers found that Cryptowall was the top ransomware variant detected during the quarter, accounting for nearly 94 percent of detections.

Solutionary researchers also identified the top attack types of Q2 2016. Out of 11 categories, the top three—web application, malware and application-specific attacks—accounted for roughly 62 percent of all attacks. Threat actors focused primarily on web applications, which were the target of nearly 24 percent of all attacks.

And, attacks focusing on ActiveX or Adobe products accounted for nearly 48 percent of all attacks against the top five industries (retail, healthcare, education, finance and technology), according to the Solutionary report.

The Solutionary report also emphasizes the steps organizations should be taking to protect data, such as ensuring a robust backup and recovery process, and that security software is up-to-date and able to detect the most recent ransomware variants. “As the threat continues to evolve, it will be crucial for organizations to have defined incident-response procedures and proper detective and proper detective and preventive controls in place to reduce ransomware’s impact,” the study authors wrote.



CMS Hospital Compare Website Updated with VA Data

The Centers for Medicare & Medicaid Services (CMS) has announced the inclusion of Veterans Administration (VA) hospital performance data as part of the federal agency’s Hospital Compare website.

CMS Awards Funding to Special Innovation Projects

The Centers for Medicare & Medicaid Services (CMS) has awarded 20, two-year Special Innovation Projects (SIPs) aimed at local efforts to deliver better care at lower cost.

Center of Excellence in Genomic Science to be Established in Chicago

The National Human Genome Research Institute has awarded $10.6 million over five years for the establishment of a new research center in Chicago to advance genomic science.

EHNAC and HITRUST Combine HIPAA Security Criteria, CSF Framework

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the Health Information Trust Alliance (HITRUST) announced plans to streamline their accreditation and certification programs.

Halamka on MACRA Final Rule: “CMS is Listening and I Thank Them”

Health IT notable expert John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center in Boston, recently weighed in on the Medicare Access and CHIP Reauthorization Act (MACRA) final rule.

Texas Patient Care Clinic Hit with Ransomware Attack

Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.