During the last week in September, Universal Health Services Inc., one of the largest hospital chains in the United States, began taking some ambulances out of service because of disruptions caused by a ransomware attack. Universal said no patients were harmed, but systems that support medical records, laboratories and pharmacies were taken offline at approximately 250 facilities.
This incident is part of a disturbing trend of healthcare institutions being targeted by ransomware attacks as the software used by hackers becomes more sophisticated and their attacks broader.
While cyber insurance claims impacted businesses of all types and sizes certain industries, including consumer businesses (retail, hospitality and food), healthcare and financial services were more frequent targets of cyberattacks in the first half of 2020, according to a recent report by Coalition, a provider of cyber insurance.
Overall, ransomware (41 percent), funds transfer loss (27 percent), and business email compromise incidents (19 percent) were the most frequent types of loss—accounting for 87 percent of reported incidents and 84 percent of claims paid in the first half of 2020.
“We’ve seen a sharp increase in ransom demands over the past quarter as threat actors have exploited COVID-19 and changes in company operating procedures. Although the frequency of ransomware claims has decreased by 18 percent from 2019 into the first half of 2020, we’ve observed a dramatic increase in the severity of these attacks,” said the Coalition report.
Since email is the single most targeted point of entry for a hacker, taking a few basic email security measures and implementing an anti-phishing solution would go a long way toward securing your business from criminals.
Coalition reports that, for each claim processed, cyber insurance played a critical role in helping the insured recover operationally. For example, a nonprofit organization providing child and family services grants to other nonprofits was duped into transferring $1.3 million to criminals. Coalition worked with law enforcement and the financial institutions involved to recover the stolen funds.