GUEST ESSAY: Caring criminals — why some ransomware gangs now avoid targeting hospitals

By Zac Amos

Ransomware is a significant threat to businesses worldwide. Many gangs work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals.

Related: How Putin has weaponized ransomware

In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19 public health threat.

Many responded by saying they already avoid hospitals and emergency services infrastructure. Others promised to cease attacking health care facilities until the pandemic eased.

An April 2020 study from VMware Carbon Black revealed a 148% increase in ransomware between March and April 2020. However, it’s worth noting that health care was the seventh-most targeted industry during that time, when it was usually in the top three.

Less lucrative targets

The reduction in ransomware attacks against health care organizations was relatively short-lived. John Riggi, national advisor for cybersecurity and risk for the American Hospital Association, said in a July 2023 interview that he noticed a spike in large, high-profile ransomware attacks in the previous six weeks.

However, Riggi also said in the discussion that he increasingly hears representatives from targeted facilities agree not to pay the ransom. Some ransomware gangs demand payments of $1 million or more, but IT teams at health care facilities are becoming more proactive about protecting data, so there’s no need to engage with hackers.

Creating a strategic and all-encompassing backup plan is a great way to prevent data loss. If ransomware gangs increasingly hear that health care facilities won’t pay, they’ll turn their attention to other industries.

Hackers shun limelight

There are certainly ulterior motives behind ransomware gangs’ pledges to avoid attacking hospitals. For example, the continual targeting of the facilities could compel those in power to pass laws and devote resources related to catching and punishing the gangs. Virginia’s Senator Mark Warner has prioritized health care ransomware reductions in some of his recent efforts.

If enough lawmakers consider this cybersecurity issue a top-of-mind concern, it would spell trouble for ransomware gangs. During the COVID-19 pandemic, the U.S. and other countries mobilized incredible resources to get vaccines created, tested and distributed in record time. That example shows that when enough people see a threat as significant, they’ll work together to get things done.

Trustworthy morality?

Another consideration is that it’s one thing for a ransomware gang to promise not to attack hospitals. What matters is whether they’re telling the truth. The whole concept behind ransomware attacks is that victims should get their data back if they pay the demanded amount. However, a 2023 survey showed that doesn’t always happen. More specifically, 21% of respondents paid the ransom and didn’t recover their data.

If people see news that specific ransomware gangs consider hospitals off-limits, some may think these cybercriminals operate with some sense of morality after all. However, a public statement is no guarantee of truth.

Evidence also suggests ransomware increasingly extends beyond data loss and financial demands. Many organizations, including hospitals, report ransomware-driven extortion as an emerging risk. If the IT teams at health care facilities believe some hacker gangs won’t target them, they could become complacent about emerging threats.

Even if some ransomware gangs steer clear of hospitals, not all will. Ransomware targets and tactics keep evolving, meaning cybersecurity professionals and enthusiasts must stay aware and respond accordingly.

About the essayist: Zac Amos writes about cybersecurity and the tech industry, and he is the Features Editor at ReHack. Follow him on Twitter or LinkedIn for more articles on emerging cybersecurity trends.

September 21st, 2023