For more than a year, researchers have been warning about an increase in cyberattacks as people adjusted to working from home. Now new figures released by the UK’s National Cyber Security Centre (NCSC) suggest that hackers are dedicating a lot of time and resources to targeting healthcare-related businesses.
According to the NCSC, a department of the UK intelligence service, 20% of all attacks they helped to investigate and defend against were launched against the health sector. They also noted that the total number of reported incidents rose from 723 to 777 between 2020 and 2021.
Ransomware is a major problem
Criminals have been using ransomware to successfully extort businesses across various industries for some time now. Unsurprisingly, they are using the same tools and techniques to attack the healthcare industry.
The University of Oxford, which helped to develop the Astra Zeneca Covid-19 vaccine, was subject to a serious malware infection for instance. Unable to control the situation in-house, they required additional assistance from the NCSC to block and remove the malware. It is unclear whether any lasting damage was caused by the outbreak.
An ongoing campaign of disruption
2021 has not been a unique year in terms of cyberattacks against the healthcare industry. A year earlier there were reports of several attacks against organizations involved in the development of Covid-19 vaccines.
The Russian hacking group APT29, also known as “Cozy Bear”, was accused of trying to steal research data and intellectual property. Government cybersecurity agencies in the UK, US and Canada all reported incidents during 2020 involving ransomware, spear phishing and customized malware targeted at vaccine researchers.
A warning for the future
The NCSC is clear – they do not expect ransomware attacks to stop any time soon. In her foreword of the NCSC annual report, CEO Lindy Cameron wrote, “One of the trends that the NCSC has seen over the last year was a worrying growth in criminal groups using ransomware to extort organizations. In my view it is now the most immediate cyber security threat to UK businesses and one that I think should be higher on the boardroom agenda.”
Oxford University researchers have responded to the report saying, “We welcome the NCSC annual report which highlights the cyber protections needed around the ground-breaking work of our vaccine researchers. Our information security team have been fortunate to have excellent support from within NCSC. They have provided a real contribution to the cyber protections around the vaccine research throughout the pandemic.”
The NCSC is clear; they expect ransomware attacks to continue to increase – and not just in the healthcare sector. The NCSC received more than 5.9 million reports of malicious content from the general public too. This shows that everyone at risk of malware infection – and everyone must take steps to protect themselves. Download a free trial of Panda Dome to get started today.