A recent ransomware claim in the healthcare sector is a reminder of ransomware tactics used by criminals. Hackers associated with BlackCat ransomware added NextGen Healthcare Information Systems to their list of compromised businesses last week. The attack is another example of hackers’ focus on the healthcare sector, the highest category to experience attacks over the past few years.
A spokesperson from NextGen responded, “NextGen Healthcare is aware of this claim and we have been working with leading cybersecurity experts to investigate and remediate. We immediately contained the threat, secured our network, and have returned to normal operations. Our forensic review is ongoing and, to date, we have not uncovered any evidence of access to or exfiltration of client data. The privacy and security of our client information is of the utmost importance to us.” The company did not comment on employee or patent data.
BlackCat is a prolific ransomware that focuses primarily on the healthcare sector. The group uses triple-extortion tactics to convince victims to pay ransoms by threatening to leak the data if they refuse. The group also utilizes DDoS attacks to knock victims’ websites offline.
The healthcare sector is a particularly enticing target for hackers because of the personal patient data they store, and the inconsistency of security tools employed by healthcare companies. However, early data shows ransomware payments were down nearly 40% in 2022 across all business sectors. Researchers speculate businesses are investing in security and backup tools and are able to recover from an attack without paying the ransom. Another factor in the decline is that paying a ransom may not be legal in the business’s home country. The US government has imposed sanctions on some foreign countries, restricting the export of money and products. If the ransomware group has ties to one of those countries, the company could find itself in legal trouble after recovering its data.
Experts predict the recent decline in payment will prompt ransomware groups may forgo medium-sized businesses with more security measures in place. Instead, they believe hacker groups will get more aggressive with very large and small companies to make up for the difference in revenue loss over the coming year.
Quanexus IT Support Services for Dayton and Cincinnati
Request your free network assessment today. There is no hassle, or obligation.
If you would like more information, contact us here or call 937.885.7272.
Follow us on Facebook, Twitter and LinkedIn and stay up to date on by subscribing to our email list.
