Healthcare Top Target in specific "Gatak" Ransomware Attacks
A recent blog post from HealthcareIT Security website explained how research from Symantec determined that the healthcare industry is one of the top targets for this attack, with 40% of the top 20 most affected organizations.
“By using a watering-hole approach, the attackers play a largely passive role, with relatively little control over who is infected,” the researchers wrote. “If this is the case, the healthcare sector may simply be the most susceptible to these kinds of attacks.”
Some additional highlights:
- The healthcare sector accounted for 88 percent of all ransomware detection.
- The top forms of attacks for Q2 were web application, malware, and application-specific attacks accounting for approximately 62 percent of all attacks
- Lateral movement is also a common feature in Gatak ransomware attacks, occurring 62% of the time within two hours of the attack.
"Healthcare has been a target for ransomware campaigns because the industry has often paid ransom to retrieve vital customer data quickly,” Solutionary Security Engineering Research Team Director of Research Rob Kraus said. “Furthermore, healthcare organizations use an abundance of systems and devices that are crucial pivot-points for an attacker, and they can even be victims of ransomware themselves."