Summary:
Based on research conducted by Barracuda Networks, which analyzed 200 reported ransomware incidents from August 2023 to July 2024, more than a fifth of these attacks targeted the healthcare sector, highlighting an 18% increase from the previous year. The top three biggest threats to this sector were LockBit, BlackCat, and Rhysida which accounted for a big chunk of attacks targeting healthcare providers. Local government municipalities were the second most targeted sector (17% of all attacks observed), followed by manufacturing (15%) and technology firms (13%).

Security Officer Comments:
According to Barracuda Networks, data exfiltration has seen an increased prioritization over encryption among ransomware groups. This in turn has increased a focus on defense evasion tactics to increase the dwell time in victim networks. Researchers note that this extensive post-compromise activity prior to the execution of the ransomware component of the attack offers security teams several opportunities to detect, contain and mitigate the incident before it fully unfolds.

Suggested Corrections:
With data extortion becoming more popular within the ransomware landscape, organizations should segment their networks to limit access to sensitive systems and resources, encrypt data at rest and in transit, employ data loss prevent solutions to monitor and control the movement of data across the network, require MFA where possible, deploy EDR solutions, and have backups of mission-critical data.

Link(s):
https://www.infosecurity-magazine.com/news/healthcare-fifth-ransomware/