Fraud Management & Cybercrime , Industry Specific , Ransomware

Most Healthcare Ransomware Hits Include Patient Data Theft

Patient Data Is Valuable and in Demand in China, Says Recorded Future's Allan Liska
Allan Liska, principal intelligence analyst, Recorded Future

Based on known ransomware attacks against the healthcare sector, there's good news, says Allan Liska, a principal intelligence analyst at Recorded Future. While publicly reported attacks targeting healthcare surged from 185 in 2020 to 285 in 2021, this year they're on track to only number around 216 in total, he says.

See Also: Webinar | Everything You Can Do to Fight Social Engineering and Phishing

Even so, challenges for healthcare victims abound, including attackers' proclivity for not just encrypting systems, but first stealing patient data. "At this point in a ransomware attack, you can't realistically say, without being laughed off the internet, 'We don't believe any patient data was accessed,'" he says. "Patient data is almost always accessed. … It is going to be very sellable in underground markets, and the Chinese government in particular loves to buy medical records."

In this video interview with Information Security Media Group, Liska discusses:

  • Why more attackers are using leaked code instead of working with ransomware-as-a-service groups;
  • Takeaways from tracking known ransomware attacks against the healthcare sector;
  • Why ransomware gangs offering to delete stolen data in exchange for a ransom payment shouldn't be trusted.

As a security practitioner and ethical hacker at Recorded Future, Liska provides ransomware-related counsel and key recommendations to major global corporations and government agencies. He previously held similar roles with Symantec, iSIGHT Partners and FireEye. With more than 20 years of experience in ransomware and information security, he has improved countless organizations' security posture using more effective intelligence. He serves on national ransomware task forces and speaks at global conferences. He has authored numerous books, including "The Practice of Network Security," "Building an Intelligence-Led Security Program," "NTP Security: A Quick-Start Guide," "Ransomware: Defending Against Digital Extortion," "DNS Security: Defending the Domain Name System" and "Ransomware: Understand. Prevent. Recover."

Over 5,000 health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Targeting Healthcare explores these trends and how the industry can respond.

Read more

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.