HC3 TLP White Analyst Note Health Sector Ransomware Trends for Third Quarter October 13, 2021

Ransomware remains a major threat to the health sector worldwide, with many healthcare organizations operating legacy technology with limited security resources. Health or medical clinics continue to be the most frequently affected sub-industry by ransomware followed by healthcare industry services and hospitals. The HC3 CTI team assesses that these trends are likely to continue through 2021.

Report

The HC3 conducted a review of ransomware activity tracked for the third quarter (Q3) of 2021 (July 1 to September 30) and derived a few insights. The team was able to identify ten major ransomware groups affecting healthcare organizations as well as the sub-industries within the healthcare sector impacted most by ransomware for Q3 2021. It is important to note that this data is based on a sample of ransomware incidents derived from a variety of sources (including media reports, ransomware blog leak sites, and information shared by federal partners) and that the findings may not encompass all ransomware incidents affecting healthcare entities, as many go unreported.

In total 68 ransomware incidents impacting healthcare organizations worldwide occurred during Q3. HC3 found that about 63% of these ransomware incidents impacted the U.S. health sector while 37% impacted healthcare organizations outside the United States. The top countries impacted by these ransomware incidents in the health sector outside the U.S. included France, Brazil, Thailand, Australia, and Italy. In the United States, the states experiencing the most ransomware incidents included California, Florida, Illinois, Michigan, Texas, Arizona, Indiana, Maryland, New York, and Georgia. It is important to note that some states may experience more incidents due to their size and population. View the entire report below.