- The overwhelming majority of ransomware attacks during the second quarter of 2016 (88%) targeted healthcare entities, according to a report by cybersecurity vendor NTT Security, previously Solutionary.
- Education and finance were also significantly impacted at 6% and 4%, respectively, while all other industries combined accounted for less than 2%.
- Part of healthcare's popularity as a target is the industry's own doing because it has often paid the ransom, the report suggested.
The number of ransomware attacks indicates healthcare is a disproportionately hot target compared to other industries. The issue of whether to pay a ransom is not always so simple for healthcare, hence the predicament. For all the talk about preparing appropriate disaster recovery plans, sometimes when it comes down to it, entities feel they and their patients will be safer by paying.
While that move may arguably make sense for individual institutions under threat, it has contributed to a fierce cycle for the industry. The high-profile $17,000 ransom payment by California-based Hollywood Presbyterian Medical Center in February occurred just before attacks began to spike 11% per month from March through May.
"As healthcare and education sectors continue to be plagued with ransomware and often pay the demanded ransoms, the probability of more targeted attempts in these sectors will increase," the report stated.
Another factor that has put healthcare organizations in the hot seat is their abundant use of systems and Internet of Things (IoT) devices, which can become pivot points for an attack or be targeted themselves, the report added.
In addition, as Solutionary threat intelligence analyst Terrance DeJesus told CSO earlier this year, hackers are likely interested in healthcare because of a perception that it is less tech-savvy than finance or other industries, and because the personal data from electronic medical records is attractive for identity theft.
HHS' Office for Civil Rights released new guidance in July to help healthcare entities understand and prepare for the threat of ransomware.