During the second quarter of 2016, 88% of all ransomware detections in the US occurred at healthcare organizations. This is reported by the Security Engineering Research Team (SERT) from NTTSecurity in their Q2 2016 report. The report also found that ransomware detections decreased between January and February of this year but increased again through March, April, and May. The spike in ransomware occurred shortly after Hollywood Presbyterian was the victim of a ransomware attack and paid cybercriminals to get its data back.
SERT reports that CryptoWall was the most commonly detected type of ransomware in Q2 2016 and was detected in 94% of attacks. CryptoWalll encrypts a user’s files and then demands ransom for a code that will allegedly decrypt the files.
SERT reported, “As healthcare and education sectors continue to be plagued with ransomware and often pay the demanded ransoms, the probability of more targeted attempts in these sectors will increase. Healthcare organizations use an abundance of systems and IoT devices that can become crucial pivot points for an attacker or can even be victims of ransomware themselves.”