Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Report reveals ransomware attacks on healthcare and financial sectors tripled

Barracuda researchers have found the number of ransomware attacks have increased year-over-year across the education, municipalities, healthcare, infrastructure, and financial sectors compared to last year.

user iconReporter
Mon, 29 Aug 2022
Report reveals ransomware attacks on healthcare and financial sectors tripled
expand image

Most ransomware attacks don't make headlines, according to the Barracuda research team, noting that "many victims choose not to disclose when they get hit".

Barracuda's fourth-annual research report analyses ransomware attack patterns that occurred between August 2021 and July 2022 and found that attacks against other industries more than doubled compared to last year's report.

Ransomware trends

============
============

For the 106 highly publicised attacks the Barracuda researchers analysed, the dominant targets are still five key sectors: education (15 per cent), municipalities (12 per cent), healthcare (12 per cent), infrastructure (8 per cent), and financial (6 per cent).

While attacks on municipalities increased only slightly, Barracuda analysis over the past 12 months showed that ransomware attacks on educational institutions more than doubled, and attacks on the healthcare and financial verticals tripled.

This year, Barracuda researchers dug in deeper on these highly publicised attacks to see which other industries are starting to be targeted. Service providers were hit the most, and according to Fleming Shi, CTO of Barracuda, ransomware attacks on automobile, hospitality, media, retail, software, and technology organisations all increased as well.

"As ransomware and other cyber threats continue to evolve, the need for adequate security solutions has never been greater.

"Many cyber criminals target small businesses in an attempt to gain access to larger organisations.

"As a result, it is essential for security providers to create products that are easy to use and implement, regardless of a company's size," Shi said.

Rule-based security solutions, according to Barracuda researchers, are going to be weak against these type of attacks and the ways they are evolving.

Through Barracuda's SOC-as-a-Service, researchers got a closer look at how ransomware is affecting smaller businesses. As the attack surface expands, artificial intelligence is increasingly required to drive efficacy and to understand the behaviour of these attacks.

How to protect against ransomware attacks

Barracuda researchers have outlined five steps that can be taken now to bolster protections:

  • Disable macros – Implement execution prevention by disabling macro scripts from Microsoft Office files transmitted via email.
  • Set up network segmentation – Implementing robust network segmentation will help reduce the spread of ransomware if it does get into your system.
  • Remove unused or unauthorised applications – Investigate any unauthorised software, particularly remote desktop or remote monitoring, which could be signs of compromise.
  • Enhance web application and API protection services – Secure your web applications from malicious hackers and bad bots by enabling web application and API protection services, including distributed-denial-of-service protection.
  • Reinforce access control on backups – Backup should be offline/cloud credentials should be different than normal credentials.

Attacks are often sophisticated and extremely hard to handle for small businesses, Shi further explains, advocating for the availability of sophisticated security technologies as services to enable businesses of all sizes to protect themselves against these ever-changing threats.

"By making security solutions more accessible and user-friendly, the entire industry can help to better defend against ransomware and other cyber attacks," Shi concluded.

[Related: Cyber security threats ‘need very real action’ following overhaul]

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.