HHS unveiled the top ransomware threat actors for hospitals and how many hospitals have been struck between July 1 and Sept. 30, according to an Oct. 13 report.
Some insights into the report's findings:
- At least 22 U.S. healthcare centers or medical clinics experienced a ransomware attack in the thirrd quarter of 2021. There have been at least four hospitals that reported ransomware attacks in the same period.
- Globally, at least 68 ransomware incidents affecting healthcare organizations occurred during the third quarter. Most of the attacks (63 percent) affected U.S. organizations.
- Hive ransomware operators will most likely continue to target U.S. healthcare organizations, whereas Vice Society will continue to strike in the U.S. and abroad, according to the report. Hive and Vice Society emerged in June as many hacker groups rebrand themselves to evade law enforcement takedown.
- At least 20 health centers or medical clinics experienced a ransomware attack, and Conti was the ransomware group responsible for affecting the most health centers or clinics in the United States
Below are the most active 8 ransomware groups and how many healthcare organizations they struck in the third quarter:
- Conti — 7
- REvil/ Sodinokibi — 5
- Hive — 4
- Pysa — 3
- CL0P — 2 (tied)
Grove — 2 (tied)
Ryuk — 2 (tied)
Vice Society — 2 (tied)