According to the cybersecurity company Sophos, 34 percent of healthcare organizations experienced some sort of ransomware attack in 2020, with attackers succeeding nearly two-thirds of the time. The average cost for a medical firm to recover from a ransomware attack was $1.3 million. The big picture is even more daunting. According to the technology company Comparitech, ransomware attacks cost the healthcare industry an estimated $20.8 billion in downtime last year. That’s double the cost experienced in 2019. Many of the ransomware attacks on the medical community involve the exfiltration of data just prior to encrypting it, giving the victimized organization two things to worry about. According to the HIPAA Journal, the top three data breaches in April of this year involved ransomware and more than 1.3 million healthcare records. It’s important to remember that cyberattacks can hit on a very personal level.
The reason cybercriminals target the healthcare industry is straightforward. Patient records equate to money. According to CBS News, patient records garner top dollar, as much as $1,000, making them a lucrative business on the dark web. That’s because a single patient record holds so much information, including Social Security numbers (SSN), date of birth (DOB), credit card details and medical information. Besides the requirement by HIPAA regulations that patient data must be digitized today, insurance companies now collect vast amounts of personal information on patients for the purpose of big data and advanced analytics. While health insurers have done a better job than the medical community they service, insurance companies must continue to vigilantly secure their ever-growing reservoirs of sensitive and personal data.
A Congressional hearing took place back in May of this year. The chief executives of Wall Street’s six largest banks were in attendance and were asked to name the greatest threat to their companies and the financial system at large. The near-unanimous answer was cybersecurity. Wall Street leaders are concerned about cyberattacks, so much so that CEO Jamie Dimon reported in a company newsletter that JPMorgan Chase spends some $600 million a year on cybersecurity efforts, employing more than 3,000 employees focused on protecting the company’s digital estate.
Their anxiety is certainly justified. Cyberattacks against financial institutions have steadily grown in the past six years. Not only are financial organizations far more likely to experience a cyberattack than any other type of organization, they are the prime target, with U.S. banks being the most embattled. On top of that, the industry also has the highest average data breach remediation costs ($5 million). In the same way that banks have managed to deter traditional bank robberies through proper security practices over the years, it is time to do the same against digital break-ins.
Manufacturing encompasses just about any product you purchase – from computer chips to beverages. The recent disruption in our nation’s supply chains due to the COVID outbreak shows us just how vulnerable we are to supply interruptions. As manufacturers have steadily moved towards their digital transformations, they have also become more exposed to cyberattacks. Earlier this summer, one of the largest meat producers in the world, JBS Foods, paid a ransom of $11 million in order to resume operations after a devastating ransomware attack. Back in March of this year, Molson Coors, the world’s fifth largest beer maker, notified the SEC about a ransomware attack it experienced. Even the parent company of the legendary Jack Daniel’s distillery had to contend with a ransomware attack a year ago in which attackers also managed to steal over 1 TB of data.
The list goes on and on. That’s because one in five manufacturing firms is targeted by cyberattacks. That’s according to the Manufacturing Cybersecurity Threat Index report, which states that nearly one quarter of manufacturing companies are attacked each week. According to the 2021 Global Threat Intelligence Report, the manufacturing sector experienced a 300 percent increase in worldwide cyberattacks. The primary objectives of these attacks are either to extract proprietary information that can be sold to a competitor or to bring down operations via a ransomware attack.
According to the cybersecurity company Emsisoft, there were 26 ransomware attacks involving colleges and universities in 2020. Many of these attacks proved successful, garnering the attackers as much as $1.14 million in a single haul. Even K-12 systems aren’t out of the fray. According to the FBI and the Department of Homeland Security, over half of all ransomware attacks during the months of August and September of 2020 were experienced by K-12 school systems. It is no coincidence, of course, that those two months coincide with the return to school. So why are attackers pursuing educational institutions? For K-12, it is the easy pickings of low-hanging fruit, as school districts often lack the personnel, knowledge base and funding to properly defend against these attacks. For colleges, it is the allure of advanced research data that attracts espionage efforts.
Professional services such as legal and accounting firms deal with a lot of sensitive data, a fact that cybercriminals have readily noticed. While attacks on some professional service companies, such as the incident involving a New York law firm that represents A-list clients such as Lady Gaga and Bruce Springsteen, capture the headlines, most attacks go unnoticed because these firms are unknown outside their local areas. That doesn’t diminish the need for cyberdefense, however. For professional service companies, reputation is everything. For example, who is going to contract with an IT services company that can’t protect its own network? According to the Verizon Data Breach Report, half of all cybercrime committed against professional service firms is spy or espionage related. While local professional service firms certainly don’t have the deep pockets of some national players, they are still required to perform their duty of care to protect the third-party information they work with.
Regardless of your industry, the task of securing it against internal and external cybersecurity threats begins with a risk assessment. And your organization has its own unique environment – it requires a comprehensive analysis to identify compliance, vulnerabilities, threats, and appropriate safeguards. Understand what the trending threats in your industry are with a review of the HALOCK Industry Threat (HIT) Index to best prepare and be response ready. We can help provide guidance on how to prioritize and optimize your security resources through a Risk Management Program and establish reasonable security.