Ransomware attacks are up sharply in the U.S., with hospitals becoming a favorite target, according to a new report.
According to research from cybersecurity firm Check Point, ransomware attacks are up 50% on a daily average globally and doubled in the last three months in the U.S. compared to the first half of 2020.
Particularly worrisome is the jump in attacks on hospitals and health care, according to Check Point. In the third quarter, the cybersecurity firm said the most attacked industries in the U.S. are:
- Health care: 16%
- Manufacturing: 12%
- Software vendor: 10%
- Government/Military: 9%
- Insurance/Legal: 7%
The surge at health care organizations is a concern “because delays in patient care can lead to patient harm…[these attacks] underscore the seriousness of the situation,” Check Point’s Head of Threat Intelligence, Lotem Finkelstein, said in a statement provided to Fox News.
Hospitals have been flooded with new patients trying to deal with coronavirus. Hackers know that a hospital will be more desperate to pay the ransom to keep their operations running, Check Point said.
Finkelstein pointed to recent attacks on one of the largest hospital chains in the U.S., Universal Health Services (UHS) and Germany’s University Hospital Düsseldorf. That attack is believed to have resulted in the death of a patient.
UHS, which had to shut down its computer systems after a “cyberattack” on Sept. 27, said on Monday it has made “substantial progress” toward restoring online operations across all of its IT networks.
Globally, the percentage of health care organizations impacted by ransomware nearly doubled, from 2.3% in the second quarter to 4% in the third quarter, Check Point added.
The top strains of ransomware are Ryuk and Maze. Ryuk now attacks 20 organizations a week, Check Point explained.
Check Point has created a list of the top 5 countries ranked by the most ransomware attacks in the last three months:
- U.S.: 98% increase, 313 attacks in Q3, 158 attacks in Q2
- India: 39.2% increase, 312 attacks in Q3, 224 attacks in Q2
- Sri Lanka: 436% increase, 134 attacks in Q3, 25 attacks in Q2
- Russia: 57.9% increase, 120 attacks in Q3, 76 attacks in Q2
- Turkey: 32.5% increase, 106 attacks in Q3, 80 attacks in Q2
The report also pointed to the evolution of ransomware into so-called “Double Extortion.” In this new type of attack, hackers first steal sensitive information, prior to encrypting a victim’s databases. Then, hackers will threaten to publish the information unless ransom demands are met.
“Our message to organizations everywhere is to stop paying the ransom. The more we pay, the more attacks we’ll see,” Check Point spokesperson Ekram Ahmed told Fox News.