Researchers Observe Increase in Emerging Ransomware Groups Targeting Healthcare

January 26, 2024 – Published on Health IT Security

The healthcare sector was hit hard by data breaches in 2023, with more than 540 organizations reporting breaches to HHS last year. Ransomware remains a top threat to healthcare, as exemplified by the number of high-profile attacks carried out by prolific threat actor groups and lesser-known gangs alike.

In its annual ransomware report, the GuidePoint Research and Intelligence Team (GRIT) used publicly available data to explore these trends and how they vary across the threat landscape, uncovering troubling changes in the threat landscape. GRIT observed 63 distinct ransomware groups compromising thousands of victims throughout 2023. Healthcare was the third-most targeted industry in 2023 according to GRIT, behind manufacturing and technology.

Attacks by prolific ransomware groups such as LockBit, Alphv, and Clop accounted for the vast majority of victims across all analyzed industries. GRIT identified these groups as “established,” meaning that they are groups that have operated for at least nine months and maintain well-defined tactics.

“TTPs and behaviors exhibited by these groups inevitably trickle down to less mature ransomware groups seeking to increase effectiveness and revenue generation,” the report noted. “This hierarchy reflects the importance of law enforcement disruption and security research exposing the operations of these groups, with operational disruption against them likely to generate the greatest impacts on the ransomware economy.”

Read More HERE.