Privacy & Security

As ransomware evolves, education edges healthcare as biggest target, says new report

Rate of attacks has steadily increased since 2015 across all industries; healthcare holds third place with 3.5 percent of organizations experiencing an attack.
By Jessica Davis
October 10, 2016
11:27 AM

While ransomware has plagued the healthcare industry this year, a recent report from security firm BitSight found it’s surprisingly not the most attacked industry. The report analyzed security ratings of 20,000 companies in the healthcare, financial, education, government, retail and energy sectors.

The education industry holds the lead with 13 percent of its organizations hacked, which is more than three times the rate of ransomware found in healthcare and more than 10 times that of the financial sector, the report found.

Government agencies followed closely behind with 6 percent, and healthcare comes in third with 3.5 percent of its organizations hit by ransomware. The financial sector held the lowest risk at 1.5 percent of organizations affected.

The rate of ransomware in every industry has greatly increased from last year. In some instances, it’s double or tripled, according to the report. The cause is the steady increase of the availability of ransomware software, including Locky.

And ransomware continues to evolve.

“Ransomware is a legitimate threat, with estimates from the U.S. Justice Department showing that over 4,000 of these attacks have occurred every day since the beginning of 2016,” BitSight Co-Founder, CTO Stephen Boyer said in a statement.

“While several ransomware attacks on healthcare companies have made headlines this year, the issue is more widespread,” he added.

While all sectors saw no increase or decrease in security rankings, the education industry saw its security rating drop about 15 percent, the report found. Small budgets and IT teams make it difficult for K-12 schools to fend off these attacks. Further, universities with excessive file-sharing activity compounds these issues.

Hackers are seeking medical records, social security numbers, financial information and research data from schools. The report found that many academic institutions pay the ransom to avoid HIPAA concerns and regulatory issues.

Ransomware is gaining traction, as “cybercriminals seem to be finding a lucrative business through ransomware attacks,” Boyer said. “Establishing email security protocols, monitoring key third-party vendors, tracking security ratings and avoiding file sharing are all ways to mitigate risks associated with ransomware.”

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Topics: 
Network Infrastructure, Privacy & Security

More regional news

HIMSSCast logo

HIMSSCast: Caregiver input needed for allocation of investment dollars

By
Bill Siwicki
November 15, 2024
HHS Building

Trump picks RFK Jr. to lead HHS

By
Susan Morse
November 15, 2024
Sign outside FDA office

Lawmakers ask CDRH to revisit its CDS guidance

By
Andrea Fox
November 15, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Former Georgia Rep. Doug Collins
Trump taps former Rep. Doug Collins to head VA

Most Read

Atrium Health responds to new social engineering attack
Vendor Notebook: New cybersecurity and EHR performance upgrades 
Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
CrowdStrike all but assures Capitol Hill: Never again

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Lee Kim at HIMSS_Global Health Equity Week 2024
AI can be leveraged to improve cybersecurity and health equity
Dr. Keisuke Nakagawa at UC Davis Health_Global Health Equity Week 2024
How artificial intelligence is changing the equation for SDOH integration
Andrea Hsu at National Science and Technology Council_HIMSS24 APAC
Fostering health IT innovation through academic-industrial collaborations
Valerie Rogers at HIMSS_Global Health Equity Week 2024
Technology and policy have a role to play in improving maternal health

More Stories

HIT professional reviews information on a laptop outside a server room
ASPR seeks feedback on public health orgs' cybersecurity needs
Gabriel Jones of Proprio on AI
Artificial intelligence is enabling big advances in surgery
Pharmacist sorting pills
Deploy RFID technologies to streamline controlled substance management
Healthcare workers in a meeting
Prioritizing cost management at U.S. healthcare systems: Keys to better margins
Healthcare worker looking at medical record on tablet with patient in background
Protect your IoMT devices against evolving cyberattacks
Jill Brewer at HIMSS_Healthcare Cybersecurity Forum 2024
What's the weakest link in organizational cybersecurity? Not what you might think
Richard Staynings at the University of Denver_Healthcare Cybersecurity Forum 2024
The challenges of safeguarding healthcare's 'data ocean'
Avihai Sodri of Antidote Health on telemedicine
How virtual-first can improve outcomes and make care more affordable