Check Point’s 2022 Mid-Year Report has revealed the healthcare industry has seen the biggest percentage rise in cyberattacks out of all industry sectors, increasing by 69% in 1H 2022, compared to 2021. Healthcare now ranks fifth highest in the number of weekly attacks, behind education, government/military, ISP/MSP, and communications.
Check Point explains in the report that 2022 has demonstrated that cyberattacks have become firmly entrenched as a state-level weapon, with the first half of the year seeing an unprecedented increase in state-sponsored attacks due to the ongoing war in Ukraine, along with a major increase in hacktivism – the recruitment of private citizens for an ‘IT Army’ for conducting attacks. Check Point says the fallout from this is likely to be felt by governments and enterprises worldwide.
The ability of cyberattacks to affect everyday lives has become crystal clear. 2022 has seen attacks conducted on TV stations that have stopped broadcasting, while attacks on critical infrastructure and government departments have crippled essential services. Many of these attacks have been conducted in Ukraine, but this is a worldwide problem. The attack on Costa Rica crippled services across the country, including healthcare, and it was not an isolated incident, with a similar attack hitting Peru shortly after. Cyberattacks that have a country-wide impact may become more common. In education, the ransomware attack on Lincoln College forced it to close its doors after 157 years, and numerous ransomware attacks on healthcare providers have caused major disruption to healthcare services.
There has been a step up from cybercriminal organizations conducting attacks for financial gain on individual organizations to them acting like nation-state-level threat actors. The Conti ransomware operation, in response to the decision of Costa Rica not to pay the ransom, sought to overthrow the government by encouraging citizens to revolt. Some cybercriminals groups now consist of hundreds of individuals and have revenues of hundreds of millions or even billions of dollars. In some cases, these groups function like genuine businesses, with some even paying for physical office space, and operating at that scale becomes difficult without at least some backing from governments in the countries where they are based. There has also been a trend that has seen cybercriminals dispense with ransomware altogether, and instead, they are opting for plain extortion – stealing data and demanding a ransom for its return, as is the modus operandi of the Lapsus$, RansomHouse, and Karakurt threat groups.
Check Point’s data shows there has been a 42% increase in cyberattacks globally in the first half of 2022, with all regions experiencing a significant escalation in cyberattacks. Globally, 23% of corporate networks have been attacked with multipurpose malware, 15% have seen attacks using cryptominers, 13% have had infostealer infections, 12% have experienced mobile attacks, and 8% have suffered ransomware attacks. Healthcare is one of the most attacked sectors, with attacks increasing by 69% to an average of 1,387 attacks on organizations every week.
In the Americas, Emotet has regained its position as the most common malware threat following its takedown by law enforcement in January 2021 which brought attacks to a grinding halt. Emotet has been used in 8.6% of malware attacks in 1H, 2022, with a wide range of malware variants now being used, with Formbook (4.2%), Remcos (2.3%), and XMRig (1.9%) the next most common.
High-profile vulnerabilities continue to be exploited to gain access to corporate networks, with the Atlassian Confluence RCE vulnerability (CVE-2022-26134), Apache Log4j RCE vulnerability (CVE-2021-44228), F5 BIG IP RCE vulnerability (CVE-2022-1388) the most commonly exploited.
Check Point has made predictions for the rest of the year based on attack trends identified in 1H 2022. Ransomware is expected to become a much more fragmented ecosystem, the disabling of macros is likely to see more diverse email infection chains employed, hacktivism is expected to continue to evolve, and attacks on the blockchain and crypto platforms are expected to increase.
The advice of Check Point to improve defenses is to install updates and patches regularly, adopt a prevention-first strategy and approach, install anti-ransomware solutions, improve education about cyber threats, collaborate with law enforcement and national cyber authorities, and prepare for the worst by implementing and testing incident response plans that can be immediately actioned in the event of a successful attack.
The post Mid-Year Report Shows Healthcare Cyberattacks Have Increased by 69% appeared first on HIPAA Journal.