Ransomware attacks on health systems have been rising. A new report finds the health sector easily topped other key infrastructure areas such as manufacturing and financial services.
Authorities have reported an increase in ransomware attacks aimed at the healthcare sector, and a new FBI report sheds more light on the threat.
The FBI’s Internet Crime Complaint Center (IC3) issued a report this week on cyberattacks and breaches. Federal authorities say the FBI received more reports of ransomware attacks targeting the healthcare and public health sector than any other critical infrastructure sector in 2022.
The FBI received 870 reports of ransomware attacks aimed at organizations belonging to 16 critical infrastructure sectors. The healthcare sector topped the list with 210 reports of ransomware attacks, well ahead of any other sector and at least twice as many as most others.
Following the healthcare sector, the other infrastructure sectors with the most reported ransomware attacks to federal authorities in 2022 were critical manufacturing (157); government facilities (115); information technology (107); and financial services (88).
Federal authorities acknowledge that not all ransomware attacks are reported to the FBI. But there’s evidence that cyberattacks are becoming more costly.
The FBI says it received a total of 800,944 complaints of all cyberattacks and incidents in 2022, which was actually a 5% decrease from 2021. However, the FBI said the potential loss from those attacks rose from $6.9 billion in 2021 to more than $10.2 billion in 2022.
Nearly 50 million Americans were affected by a data breach of health information in 2022, according to an analysis by Critical Insight, a cybersecurity company. All of the 11 largest health data breaches in 2022 affected at least one million people, according to data compiled by the U.S. Department of Health & Human Services.
Nearly half (47%) of healthcare IT professionals said their organizations experienced a ransomware attack in the past two years, up from 43% in 2021, according to a survey released by the Ponemon Institute.
Ransomware attacks aren’t just hampering operations and costing money. They’re affecting patient care. The Ponemon survey found 45% of health IT pros reported complications from medical procedures due to ransomware attacks, up from 36% in 2021.
CommonSpirit Health suffered a ransomware attack last fall that impacted 620,000 patient records, according to the health department. The system took its electronic medical records offline and had to reschedule some patient appointments.
The Lehigh Valley Health Network in eastern Pennsylvania disclosed a ransomware attack last month, and said it would not pay. Lehigh Valley said a gang known as BlackCat, which has ties to Russia, launched the attack. The health network said this month that the ransomware group posted photos of cancer patients on the dark web, according to WPVI-TV in Philadelphia and other media outlets.
Cybersecurity analysts say ransomware groups are targeting hospitals because they know that many will pay to get their systems restored. And patient records are valuable on the dark web, experts say.
Lee Kim, the senior principal for cybersecurity and privacy at the Healthcare Information and Management Systems Society (HIMSS), said health systems are making progress, but many remain too vulnerable to ransomware and cyberattacks.
In a December interview with Chief Healthcare Executive®, Kim said, “The extortion techniques that are used to try to force hospital systems to pay ransom, that’s certainly in vogue at the current time.”
Authorities urge organizations that have suffered ransomware attacks to report them to the FBI and local authorities to increase the chances of recovering funds and finding attackers.
The Justice Department said in January that the FBI managed to disrupt a ransomware group known as Hive. The FBI managed to penetrate Hive’s systems and prevented victims from having to pay $130 million in ransom payments, the Justice Department said.
(In this video, Lee Kim of HIMSS talks with Chief Healthcare Executive about cybersecurity in healthcare.)