>
Over the course of 2022, more than 200 major public sector organizations in the United States were affected by ransomware (opens in new tab) to attack.
Cybersecurity experts Emsisoft claims government, education and healthcare companies were most affected, after sifting through publicly available reports, disclosure statements, as well as dark web leaks and third-party information.
In about half of the detected incidents, the threat actors made off with sensitive data.
Hiding the incidents
Describing last year’s attacks, a total of 105 counties were targeted by ransomware, as well as 44 universities and colleges, 45 school districts, and 24 healthcare providers.
Despite extensive research, the company says the numbers are likely to be inconclusive, as not all organizations like to disclose cybersecurity incidents. Compared to private companies, public organizations are more likely to share the details of such incidents, but it is still likely that some incidents have been concealed.
“The reality is that no one knows for sure whether the number of attacks is flat or on an upward or downward trend,” Emsisoft said in its report.
In addition to undisclosed and hidden incidents, there are also incidents that may have played out when Emsisoft made its report, such as the attack on the CentraState Medical Center that allegedly took place on December 30, 2022. At the time, the organization announced that it would stop recording patients “to be expected to have a cybersecurity problem”.
Ransomware operators are usually hesitant when it comes to attacking healthcare providers, as a potentially fatal outcome would likely mean the end of their operations and their freedom.
Over the weekend, the operators of the LockBit ransomware distanced themselves from an affiliate targeting the SickKids hospital for sick children, claiming they broke their rules by attacking a healthcare organization. The group apologized for the incident and provided the decryptor.
Through: Beeping computer (opens in new tab)