Arpad Nagy-Bagoly - stock.adobe.

Targeted cyber attacks, including ransomware, on the rise

Governments and healthcare institutions are prime targets of ransomware operators, a report shows

Targeted cyber attacks accounted for 59% of all attacks in the second quarter of this year, up from 47% in the first quarter, a report has revealed.

Governments and healthcare organisations emerged as prime targets of ransomware attacks, according to the latest quarterly cyber threat report by security firm Positive Technologies.

The report also noted a revival of cryptojacking, which researchers ascribe to a rise in the value of the bitcoin cryptocurrency and attackers continuing to develop stealthy cryptomining malware.

Data theft remains a top priority for cyber criminals, the report said, accounting for more than half of the attacks in Q2.

Researchers found that 29% of attacks on organisations targeted personal data and attacks on individuals most often targeted account credentials (44%) and payment card information (34%).

Financial gain was the motivation behind 30% of attacks on organisations and 42% of attacks on individuals.

Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies, said: “Companies often store large databases with personal data and credentials of their clients, and criminals are also interested in usernames and passwords of the employees of target companies.

“As for individual users, the public has a bad track record when it comes to securing their accounts. They use weak passwords or re-use passwords across sites, enter passwords for websites without checking their authenticity, and give out information that could help an attacker to guess their password. This is why credentials and payment information are top targets.”

Governments were the targets of 62% of malware infections, up from 44% in the previous quarter, with governments most frequently hit by ransomware, the report said.

Cyber criminals are reportedly focusing ransomware attacks increasingly on local government authorities and enterprises because they are more likely to pay higher ransom demands when normal business operations are crippled. The average ransom demand was $36,000 in the second quarter, according to researchers at security firm McAfee.

Some local authorities have refused to pay ransoms, in line with guidance from law enforcement and cyber security industry representatives, said the Positive Technologies report. But despite ransomware attacks disabling their IT infrastructure, authorities in the US cities of Lake City and Riviera Beach, for example, reportedly paid ransoms of $600,000 and $530,000, respectively.

Read more about ransomware

Government-related websites also continue to draw hackers, the report said. In April, three websites of the FBI National Academy Associates were hacked, resulting in the leak of personal data for about 4,000 federal agents and law enforcement personnel.

Healthcare also stood out as a top target of ransomware in the second quarter. By disabling IT systems, ransomware can be especially dangerous with healthcare because it has the potential to harm both the institution and its patients, the report said.

Healthcare employees are on the receiving end of phishing attacks, the report said. It gave the example of a phishing attack aimed at staff of a Nova Scotia clinic in Canada, in which attackers obtained the username and password of an employee, putting the data of nearly 3,000 patients at risk. 

“The severity and nature of these attacks against the healthcare industry are particularly alarming,” said Galloway. “However, there are simple ways in which organisations – in healthcare and other sectors – can better protect themselves and the public.

“Companies need to learn to protect their data by encrypting sensitive information, minimising access with strong authentication methods, and enforcing good password sanity.

“They can also go a long way by simply making sure their tech is monitored and current. Update software, quickly implement patches, and pen test your company to make sure your data really is secure.”

Read more on Hackers and cybercrime prevention