Intel Security has released its McAfee Labs Threats Report: September 2016, which assesses the growing ransomware threat to the healthcare industry, surveys the “who and how” of data loss, explains the practical application of machine learning in cybersecurity, and details the growth of ransomware, mobile malware, macro malware, and other threats in Q2 2016.
Following a rash of targeted ransomware attacks upon hospitals in early 2016, Intel Security investigated the attacks, the ransomware networks behind them, and the payment structures enabling cybercriminals to monetize their malicious activity. The researchers identified nearly $100,000 in payments from hospital ransomware victims to specific bitcoin accounts. While healthcare is still clearly a small proportion of the overall ransomware ‘business,’ McAfee Labs expects a growing number of new industry sectors to be targeted by the extensive networks launching such attacks.
In the first half of 2016, our researchers identified a ransomware author and distributor who appeared to receive $121 million (BTC 189,813) in payments from ransomware operations targeting a variety of sectors. Dark net discussion board communications suggest that this particular cybercrime actor had accumulated profits of $94 million during the first six months of this year.
The scale of the operation is in line with research McAfee Labs conducted with its Cyber Threat Alliance partners in late October 2015, when the group uncovered a ransomware operation using the CryptoWall ransomware strain to extort nearly $325 million over the course of two months.
The research team attributes the increased focus on hospitals to such organizations’ reliance on legacy IT systems, medical devices with weak or no security, third-party services that may be common across multiple organizations, and hospitals’ need for immediate access to information to deliver the best possible patient care.
“As targets, hospitals represent an attractive combination of relatively weak data security, complex environments, and the urgent need for access to data sources, sometimes in life or death situations,” said Vincent Weafer, Vice President for Intel Security’s McAfee Labs. “The new revelations around the scale of ransomware networks and the emerging focus on hospitals remind us that the cybercrime economy has the capacity and motivation to exploit new industry sectors.”