1st Half 2018 US Healthcare Breaches Involving Ransomware Decreased 57% Over the Same Time Period in 2017

Moving Target Defense Firm Releases Report on Top US 1st Half 2018 Healthcare Cyberattacks

ROCKVILLE, Md.—July 17, 2018— Cryptonite, a leader in moving target cyber defense, today announced the availability of its “1st Half 2018 Healthcare Cyber Research Report,” which shares the company’s findings on healthcare cyberattacker activity in the first half of 2018.

The past several years have been very difficult for healthcare institutions as these organizations remain under sustained attack by cyberattackers. Cyberattackers continue to target known and often unprotected vulnerabilities within healthcare, such as the medical devices, missing updates and patches, mobile devices and embedded processors. This mid-year research conducted by Cryptonite indicates that there were a total of 59 data breach events characterized and reported to HHS/OCR as IT/Hacking in the 1st half of 2018. This may suggest a slight downtrend when compared to the total of 140 IT/Hacking events reported in 2017.

In the 1st half of 2018, ransomware attacks represented 13.56% of all reported IT/Hacking events. Of the top 25 data breaches reported in 1st half 2018, only 3 seem attributed to ransomware. The data includes a decrease from 19 reported events in 1st half 2017 to a total of 8 reported events in 1st half 2018. This is a decrease of 57% of all reported ransomware IT/Hacking events in the 1st half of 2017.

In 2017, per our earlier published 2017 Healthcare Cyber Research Report, 6 of the top 6 IT/Hacking events reported were attributed to ransomware. In the 1st half of 2017 ransomware attacks represented 30% of all IT/Hacking events reported to HHS/OCR during that time period approximately 25% of all IT/Hacking events for the entire year. All of this suggests a possible downtrend in the use of the current variants of ransomware to attack our healthcare institutions.
In 1st half 2018, there were 1,928,432 records compromised which shows a slight 9% increase over the same time period in 2017 and suggests that attackers continue to steal valuable data records using techniques other than ransomware.

Ransomware lowered the cost and time for cyberattackers to launch attacks against the depth and breadth of healthcare institutions. The redirection of ransomware efforts away from healthcare, seem to be related, at least in part, to a reallocation of some cyberattacker resources and energy on cryptocurrency mining. Further contributing to this reduction healthcare institutions have likely acquired cyberdefense software tools enabled to stop and contained ransomware attacks very early in the attack cycle. These new defenses aside, we do believe that ransomware still presents a formidable threat to healthcare and expect new variants, such as AI based malware, to present very difficult challenges to healthcare institutions later in the future.

Internet of Things (IoT) devices, medical devices, and mobile devices in healthcare also represent continued opportunities for cyberattack. “Cyberattackers continue to target healthcare to obtain medical records they contain for sale on the dark web. Medical records still continue to provide the best and most complete data which can support identity theft and related financial fraud,” said

Michael Simon, President & CEO of Cryptonite. “While 1st half 2018 shows a downtrend in the successful use of ransomware, we expect cyber criminals to continue to adjust their attack techniques to successfully targeting the IoT devices, medical devices, and mobile devices for the continued compromise of healthcare networks. They are driven by the economic opportunity for the sale and ransom of these stolen data records, and that opportunity remains as strong as ever.”

The full report can be downloaded on the Cryptonite website at https://info.cryptonitenxt.com/healthcare-report-1h2018.

About Cryptonite:
Cryptonite is a leader in moving target cyber defense. CryptoniteNXT enables any network to actively shield itself from cyber-attacks by preventing all attacker reconnaissance and lateral movement. Patent pending moving target cyber defense and micro-segmentation technologies protect enterprise networks from an advanced cyber attacker, insider threats, and ransomware. The Cryptonite customer base includes leading commercial and government customers around the world.

Hi-Touch PR
Danielle Ostrovsky, 410-302-9459