Most Healthcare Ransomware Hits Include Patient Data TheftPatient Data Is Valuable and in Demand in China, Says Recorded Future's Allan Liska
Based on known ransomware attacks against the healthcare sector, there's good news, says Allan Liska, a principal intelligence analyst at Recorded Future. While publicly reported attacks targeting healthcare surged from 185 in 2020 to 285 in 2021, this year they're on track to only number around 216 in total, he says.
Even so, challenges for healthcare victims abound, including attackers' proclivity for not just encrypting systems, but first stealing patient data. "At this point in a ransomware attack, you can't realistically say, without being laughed off the internet, 'We don't believe any patient data was accessed,'" he says. "Patient data is almost always accessed. … It is going to be very sellable in underground markets, and the Chinese government in particular loves to buy medical records."
In this video interview with Information Security Media Group, Liska discusses:
- Why more attackers are using leaked code instead of working with ransomware-as-a-service groups;
- Takeaways from tracking known ransomware attacks against the healthcare sector;
- Why ransomware gangs offering to delete stolen data in exchange for a ransom payment shouldn't be trusted.
As a security practitioner and ethical hacker at Recorded Future, Liska provides ransomware-related counsel and key recommendations to major global corporations and government agencies. He previously held similar roles with Symantec, iSIGHT Partners and FireEye. With more than 20 years of experience in ransomware and information security, he has improved countless organizations' security posture using more effective intelligence. He serves on national ransomware task forces and speaks at global conferences. He has authored numerous books, including "The Practice of Network Security," "Building an Intelligence-Led Security Program," "NTP Security: A Quick-Start Guide," "Ransomware: Defending Against Digital Extortion," "DNS Security: Defending the Domain Name System" and "Ransomware: Understand. Prevent. Recover."
Over 5,000 health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Targeting Healthcare explores these trends and how the industry can respond.