Report: Healthcare tops for ransomware incidents in Q2

The healthcare industry, far and away, led all others in volume of ransomware detections in the second quarter of 2016, according to a recent security firm report.

Roughly 88 percent of all ransomware detected was discovered in healthcare, while the next most targeted industry was education at 6 percent, according to the report, published by Solutionary. One reason? Its stakeholders often pay hackers.

The report, which examined “information through the research of significant events identified through global visibility” of a company’s client base, also points to “an abundance of systems and devices” as pathways for hackers. It also notes that ransomware detections between March and May of this year increased by 11 percent per month. The report highlights that, according to the FBI, since October 2013, business email compromise scams have resulted in more than $3 billion lost for more than 22,000 victims.

Ransomware has dominated much of the conversation in 2016 when it comes to cybersecurity and healthcare. High-profile hacks of a number of institutions this year--including Los Angeles-based Hollywood Presbyterian Medical Center and Columbia, Maryland-based MedStar Health--have led to lawmakers discussing how federal efforts and legislation to protect the industry can improve. The former institution paid $17,000 to regain control of its systems, with CEO Allen Stefanek saying it was “the quickest and most efficient way” to get operations back to normal.

Earlier this month, the Health and Human Services Department’s Office for Civil Rights released guidance focusing on ransomware and HIPAA. The guidance noted that if a healthcare organization’s computers are infected with ransomware, the government will consider it a data breach, unless there’s a low probability information has been compromised. The OCR document also reinforces the ways HIPAA compliance helps prevent and detect security threats.

To learn more:

- download the report (registration required)