Healthcare’s Data Extortion Problem, and How to Prepare for Ransomware
Health IT Security
Data extortion was once seen as a rare, or potential threat, rather than a pressing issue, while ransomware and subsequent downtime were greater concerns for healthcare cybersecurity. But attackers have since shifted tactics, leveraging data theft in the majority of ransomware attacks prior to encryption victims' data.
The extortion technique was first popularized by the Maze hacking group, which had a penchant for targeting healthcare given its troves of sensitive data.
The hackers banked on providers needing constant access to their information and fear of potential data leaks in their efforts to make the most profit at their victims' expense.
The group has since disbanded but researchers believe the actors simply shifted to deploying the Egregor variant. Clop, Avaddon, Astro, DarkSide, and a host of other hacking groups are leveraging extortion in “secondary infections.”
In fact, VMWare researchers saw...