A recent blog post from HealthcareIT Security website explained how research from Symantec determined that the healthcare industry is one of the top targets for this attack, with 40% of the top 20 most affected organizations.
“By using a watering-hole approach, the attackers play a largely passive role, with relatively little control over who is infected,” the researchers wrote. “If this is the case, the healthcare sector may simply be the most susceptible to these kinds of attacks.”
Some additional highlights:
"Healthcare has been a target for ransomware campaigns because the industry has often paid ransom to retrieve vital customer data quickly,” Solutionary Security Engineering Research Team Director of Research Rob Kraus said. “Furthermore, healthcare organizations use an abundance of systems and devices that are crucial pivot-points for an attacker, and they can even be victims of ransomware themselves."