Ransomware attacks impacted more than 200 public sector organizations in the United States in 2022.
After searching through publicly accessible reports, disclosure statements, dark web leaks, and third-party intelligence, New Zealand-based Emsisoft, known for its anti-virus software solutions, alleged that businesses in the government, education, and healthcare sectors were most impacted by threat actors.
Ransomware attackers usually don’t go after people in the medical field, because a potentially fatal outcome would probably mean the end of all their activities and freedom.
The LockBit ransomware creators dissociated themselves from an affiliate after the latter launched a data theft attack against a children’s hospital. LockBit also stated that the act was against their guidelines. It also offered the decryptor, while expressing regret for the mishap.
In roughly half of the events that were found, threat actors stole personal information.
Concealing the events
In the ransomware attacks that took place in 2022, 105 counties, 44 universities and colleges, 45 school districts, and 24 healthcare organizations became the targets.
Despite thorough investigation, Emsisoft claimed that the figures were probably inconclusive because not all businesses are keen to report cybersecurity problems. Public organizations are more likely than private businesses to disclose the specifics of such instances, yet it’s still possible that some incidents went unreported.
Emsisoft said in its research report, “the truth is that nobody can say with certainty whether the number of attacks is flat, heading upward or downward.”
One example of an incident that may have been taking place at the same time that Emsisoft was preparing its report is the attack that reportedly happened at the CentraState Medical Centre on December 30, 2022.
It’s possible that further events were covered up. During that time period, the organisation said that “due to a cybersecurity issue,” it would no longer be accepting new patients.