back to article Healthcare organizations face rising ransomware attacks – and are paying up

Healthcare organizations, already an attractive target for ransomware given the highly sensitive data they hold, saw such attacks almost double between 2020 and 2021, according to a survey released this week by Sophos. The outfit's team also found that while polled healthcare orgs are quite likely to pay ransoms, they rarely …

  1. Neil Barnes Silver badge
    Holmes

    Why do you rob banks, Clyde?

    Because that's where the money is.

    1. elsergiovolador Silver badge

      Re: Why do you rob banks, Clyde?

      Here is a foolproof plan how to rob a bank.

  2. Pete 2 Silver badge

    Don't feed the pigeons

    > Healthcare organizations ... saw such attacks almost double ... are quite likely to pay ransoms

    So apart from directly financing crimes (and maybe state-sponsored terrorism) they are attracting more attacks on themselves.

    But never mind, they can just pass on the costs to their patients. So why worry?

  3. FlamingDeath Silver badge

    “Health Care”

    Two words joined together that are meaningless

    I got another two words

    “Profit seeking”

    Bye

    1. Hogbert

      Re: “Health Care”

      Outside the US, quite a few countries have tax payer funded healthcare. Such organisations usually struggle to get by under strict limited budgets, and have staff who are dedicated to providing the best care they can with the available resources.

      It seems particularly stupid for ransomware attackers to target hospitals which have been running many millions over budget for several years, so have no available cash to pay out anyway. These evil people are not very good at researching their targets.

    2. MJI Silver badge

      Re: “Health Care”

      I don't get that at all.

      I see NHS.

  4. VoiceOfTruth

    -> Wray said Iranian government-supported threat actors tried to hack into the hospital's network and used the incident – which he called "one of the most despicable cyberattacks I've ever seen"

    Meanwhile the USA and its hideous sanctions have led to numerous deaths in Iran. They cannot buy medical equipment on the open market. So fuck Mark Wray and the FBI.

    1. Anonymous Coward
      Anonymous Coward

      Nothing is stopping them buying medical equipment from your mother Russia.

  5. Mayday Silver badge
    Alert

    Related - vulnerable systems

    The trouble with healthcare is that many pieces of specialised equipment have a base OS of something ancient which is unpatched and cannot be patched. For example, some kind of scanner (which I personally saw just prior to covid) ram an embedded version of NT4 as it’s base with some custom upper layers to drive and present the scanning system to the operator.

    It’s not as simple as “just upgrade” because the kit vendor provides maintenance which involves what they say it needs, such as aligning and calibrating the imagery systems themselves and not much else.

    Traffic whitelisting, and overlays such as VXLAN or SDA can help but won’t solve all the problems.

  6. nobody who matters

    "..............and nearly three quarters are able to use backups to restore data."....

    That should be 'only' three quarters surely?

    Have 25% STILL not got the message?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022