BLUF

With 20 per cent of ransomware victims being in the healthcare sector, criminals are showing that nothing, and no one, is off the table.

Summary

When it comes to lucrative criminal enterprises such as ransomware, evidence shows that ethical considerations do not come into play. The deployment of ransomware is a prolific cybercriminal activity, with its potential destructive impacts outweighing those of other forms of crime such as straight data theft and crypto-jacking. FIN12 is a large ransomware group, and one in five of its victims is in the healthcare sector. You would hope that healthcare and other sectors such as funeral services, charities, and critical services would be off-limits to ransomware groups. Not so. In May 2021, Ireland's health service fell victim to ransomware. The attack disrupted its critical care services for weeks. If a ransomware outbreak restricts access to medical records, appointment details, treatment notes, and patient data, it can lead to delays and—in a worst-case scenario—death. FIN12 is a financially driven group that targets organizations with average annual revenues of more than $6 billion. Almost all of the threat group's victims generate an income of at least $300 million. Since 2018, FIN12, which previously focused on North America, has now started to target Europe and the Asia Pacific region.

References

Jun 2021 ZDNet Ransomware: Ireland's health service remains 'significantly' disrupted weeks after attack

Jun 2021 Forbes Increased Cyberattacks On Healthcare Institutions Shows The Need For Greater Cybersecurity

Oct 2021 Mandiant FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets