Skip to content Skip to navigation

Report Finds that Ransomware Attacks and Demands are on the Rise

July 20, 2016
by Rajiv Leventhal
| Reprints

The latest research paper on ransomware from the Mountain View, Calif.-based Symantec finds that the disturbing trend has now grown into one of the biggest dangers facing businesses and consumers today.

In its annual “Ransomware and Businesses” report, Symantec found that across various industries, 2015 was a record year, with 100 new ransomware families discovered. The vast majority of new ransomware discovered is now the more dangerous form of the threat: crypto-ransomware, which is capable of locking away the victim’s files with strong encryption.

 The average ransom demand has more than doubled and is now $679, up from $294 at the end of 2015. This year has also seen a new record in terms of ransom demand, with a threat known as “7ev3n-HONE$T” requesting a ransom of 13 Bitcoins per computer ($5,083 at the time of discovery in January 2016), according to the report’s findings.

With 31 percent of global infections, the U.S. continues to be the country most affected by ransomware. The “services” sector, with 38 percent of organizational infections, was by far the most affected business sector, according to the report. Symantec said that healthcare "does not appear among the most frequently infected sectors," according to Bloomberg. However, within healthcare, ransomware is among the most concerning cyber threats to organizations, as revealed in the sixth annual survey of healthcare organizations by the Ponemon Institute. Across all industries, ransomware attacks have been growing every year, with the FBI receiving more than 2,400 complaints in 2015 for $24 million in losses—up from more than 1,800 complaints in 2014, per the Symantec report.

“These kinds of attacks are still relatively rare, but now that they have been proven possible, the potential opportunity to hold well financed organizations for ransom may motivate more attacks,” the report states. To this point, a recent Radware 2016 Executive Application and Network Security Survey found that 84 percent of U.S. and U.K. information technology (IT) executives at firms that had not faced ransom attacks said they would never pay a ransom, but among firms that had been attacked, almost half (43 percent) paid the ransom.

The report concludes by advising that adopting a multi-layered approach to security minimizes the chance of infection. Symantec’s strategy that protects against ransomware is outlined in three stages: prevent, contain, and respond.

Healthcare Informatics recently tackled the industry’s ransomware crisis in a two-part feature series. Part 1 looked at what the phenomenon means for patient care leaders today and what more can be done, while in Part 2, industry experts offer practical advice on how to address the ransomware threat right now.



CMS Hospital Compare Website Updated with VA Data

The Centers for Medicare & Medicaid Services (CMS) has announced the inclusion of Veterans Administration (VA) hospital performance data as part of the federal agency’s Hospital Compare website.

CMS Awards Funding to Special Innovation Projects

The Centers for Medicare & Medicaid Services (CMS) has awarded 20, two-year Special Innovation Projects (SIPs) aimed at local efforts to deliver better care at lower cost.

Center of Excellence in Genomic Science to be Established in Chicago

The National Human Genome Research Institute has awarded $10.6 million over five years for the establishment of a new research center in Chicago to advance genomic science.

EHNAC and HITRUST Combine HIPAA Security Criteria, CSF Framework

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the Health Information Trust Alliance (HITRUST) announced plans to streamline their accreditation and certification programs.

Halamka on MACRA Final Rule: “CMS is Listening and I Thank Them”

Health IT notable expert John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center in Boston, recently weighed in on the Medicare Access and CHIP Reauthorization Act (MACRA) final rule.

Texas Patient Care Clinic Hit with Ransomware Attack

Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.