Industry Specific , Targeting Healthcare , Video

Cybersecurity Stigma: More Victims Avoid Saying 'Ransomware'

Rebecca Moody of Comparitech Charts Ransomware's 'Dramatic Impact' on Healthcare
Rebecca Moody, head of data research, Comparitech

Ransomware continues to slam numerous sectors, including healthcare. But is it getting worse or better? Which gangs are causing the most damage, and what are attackers' top targets? Those are questions being asked by police, policymakers and more.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

Unfortunately, while ransomware continues to have "a dramatic impact," especially in terms of downtime and exposed records, accurately gauging ransomware attack trends continues to be complicated by the fact that so many incidents never publicly come to light, says Rebecca Moody, head of data research at cybersecurity research firm Comparitech, which recently published a new study on the impact of ransomware on the healthcare sector.

Many ransomware groups use data leak sites to threaten and list victims unless they pay a ransom. But Moody says that the information contained on these sites is unreliable, and only a subset of victims end up being listed.

Another complication: the apparent stigma facing victims. "A lot of companies are avoiding the word 'ransomware,'" she says, in favor of saying "cyberattack" or "security incident."

"Sometimes they will say that systems are encrypted, so that gives you a good indication it's ransomware," Moody says. "But I think there's a movement away from publicly admitting to having suffered a ransomware attack - unless their hands are tied and systems have gone down, hackers have publicly released data and so on."

In this video interview with Information Security Media Group, Moody discusses:

  • How ransomware continues to affect the healthcare sector;
  • Victims' increasing hesitancy to label a ransomware attack as such;
  • Why mandatory reporting of ransomware attacks or ransom payments would help everyone from consumers to policymakers.

Moody leads Comparitech's three-person data research team, producing studies on a range of privacy, security and streaming topics. Access to her research has been requested by government departments and NGOs worldwide, including the United Nations, the European Union Commission's Communications Directorate and UNESCO.

Over 5,000 health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Targeting Healthcare explores these trends and how the industry can respond.

Read more

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.