Over 200 large public sector organizations in the US were affected by ransomware in 2022 (opens in a new tab) attacks.
Cybersecurity experts Emsisoft say companies in the government, education and healthcare sectors were hit the hardest, after scouring publicly available reports, disclosure statements, but also dark web leaks and third-party intelligence.
In about half of the detected incidents, cybercriminals stole sensitive data.
Hiding incidents
Speaking in detail about the attacks that took place last year, a total of 105 counties were targeted by ransomware, as well as 44 universities and colleges, 45 school districts and 24 medical providers.
Despite extensive research, the company says the numbers are probably not clear cut as not all organizations are willing to disclose cybersecurity incidents. Compared to private companies, public organizations are more likely to share details of such incidents, but it is still likely that some incidents have been concealed.
“The reality is that no one knows for sure whether the number of attacks is constant or on an upward or downward trend,” Emsisoft wrote in its report.
In addition to undisclosed and hidden incidents, there are also incidents that may have occurred during the preparation of the report by Emsisoft, such as the attack on the CentraState Medical Center that allegedly took place on December 30, 2022. The organization then announced that it would stop accepting patients “due to cybersecurity issues” “.
Ransomware operators tend to be hesitant to target healthcare providers, as a potential lethal outcome would likely mean the end of their business and complete freedom.
Over the weekend, LockBit ransomware operators distanced themselves from a partner who was targeting SickKids Hospital for Sick Children, claiming it violated their policies by attacking the healthcare organization. The group apologized for the incident and provided a decryptor.
Through: Beeping Computer (opens in a new tab)