Hospitals suffered at least 104 date extortion ransomware attack attempts in 2020

Hospitals suffered at least 104 date extortion ransomware attack attempts in 2020. (Photo by Iroz Gaizka / AFP)

Study: Half of organizations suffered a ransomware attack in 2020

At this point in 2021, the scale of cybersecurity vulnerabilities that organizations have had to endure throughout this ‘new normal’ period is likely on par with many other hardships they have had to face as a result of the pandemic. But a striking surge in targeted ransomware attacks is highlighting just how damaging these attacks can be, a recent study found.

Crowdstrike’s 2021 Global Threat Report found that one of the major observed behaviors during the pandemic was increased data extortion, where cybercriminals targeted high-value organizations including healthcare organizations with the intention of seizing their data for financial compensation.

56% of the organizations surveyed said they had experienced a ransomware attack last year, and around half of that amount actually paid the ransom, with the average extortion demand estimated to be US$1.1 million. Cybersecurity professionals expressed their increased concern about the mounting risk of a ransomware attack in the months since COVID-19, compared to other security vulnerabilities.

The report highlighted how cybercriminals are now coordinating larger-scale attacks in an organized manner, rather than the prior trend of opportunistic bad actors seizing upon a flaw in the cybersecurity system.

CrowdStrike said that fear, concern, and curiosity surrounding COVID-19 provided the perfect cover for a record-setting increase in social engineering attacks from both e-crime actors and targeted intrusion adversaries. One group dubbed Twisted Spider was responsible for 26 attacks on health care organizations.

“This year’s Global Threat Report was indicative of the unique challenges we faced in 2020. We saw an unprecedented number of threats fuelled by criminal groups looking to exploit the panic and disruption caused by the COVID-19 pandemic, with both eCrime and targeted intrusion adversaries stepping up their efforts to slip past defences and avoid detection,” Jagdish Mahapatra, CrowdStrike’s vice president and managing director in Asia, told Tech Wire Asia.

State-sponsored attacks also rose sharply last year, with certain Asia Pacific (APAC) territories hit more than others. “Cyber-enabled regional espionage hit South and Southeast Asia particularly hard, with both private and government operations coming under threat,” said Mahapatra. “We also confirmed a total of 104 healthcare organisations across the globe were targeted in 2020; a trend we expect to continue well into 2021 as adversaries continue to conduct intelligence gathering efforts on vaccines and other sensitive information.”

A ransomware attack using data extortion tactics and healthcare disruptions ruled the threat scene in 2020, but going forward espionage attacks on the COVID-19 vaccine supply chain is expected to show a nasty growth.

“We anticipate state-sponsored actors to target the data being generated by Asia’s vaccine rollout in an effort to gain access to government intelligence and sensitive personal information,” agreed Mahapatra. “Governments must work alongside the healthcare industry to protect vaccine supply chains through a comprehensive and identity-centric approach to security.”