Cybersecurity provider Emisoft recently released statistics indicating that 2022 saw no decrease in successful ransomware attacks among U.S. local government and healthcare providers despite new legislation at both the federal and state levels aimed at curbing it. According to the numbers provided in the report, 106 local governments, 44 universities and colleges, 45 school districts and 25 healthcare providers were affected by ransomware attacks last year.
The report goes on to detail some of the impacts of these attacks: The local government of Quincy, MA paid a $500,000 ransom in 2022. The Los Angeles Unified School District, the second largest in the U.S., refused to pay a ransom and had stolen data released on the Internet. In seventeen separate instances, ransomware attacks on hospitals resulted in protected health information being stolen. In one of these, a 3-year-old patient received an overdose of pain medicine because the system for calculating the dosage was compromised.
The trend isn’t improving
Although the ransomware threat is widely recognized and countless dollars are spent by companies and governments to try and stop it, the impact has not lessened over the last several years. According to the report, the number of state and local governments known to have been impacted by ransomware in 2022 was 106, roughly the same as the 113 reported in 2019 and 2022 and more than the 77 reported in 2021. The picture looks equally bleak for the education sector. The number of incidents affecting it has remained steady between 84 and 89 incidents each of the last four years.
How can organizations fight back?
Unfortunately, it’s clear there isn’t a silver bullet that will put an end to the very lucrative ransomware business. Legislation and user security training have proven to be largely ineffective, and the amount of money spent on hardware and software solutions continues to skyrocket. The problem has become even more difficult to manage as more and more business applications are now accessed through the web browser and workers now conduct business on work and personal devices, both at home and in the office.
We developed ConcealBrowse push zero trust principles that harden your attack surface to the edge, wherever that edge may be. Phishing and other social engineering techniques have become sophisticated enough to trick even the most savvy and well-trained users, and the web browser is one of the most common attack vectors for ransomware gangs.
ConcealBrowse uses multiple intelligence sources in our decision engine that identifies and isolates risky sites and blocks phishing techniques and malicious downloads. While no solution can prevent 100% of ransomware attacks, ConcealBrowse fortifies the weakest point on your attack surface and removes the burden of judging risk from users. Click here to sign up today for a free version of ConcealBrowse and see how it can make your organization safer from the scourge of ransomware.
Written by: Conceal Research Team