Healthcare found to be a favourite target of cryptolockers

Researchers at Positive Technologies investigated the cybersecurity trends of the first quarter in 2019 in the “Cybersecurity Threatscape: Q1 2019” report.

The report identified an increase in ransomware trojans from 9% in the last quarter of 2018 to 24% in the first quarter of 2019. However attackers are earning less from “traditional” ransomware and therefore attackers are creating new sophisticated methods to manipulate users.

Researchers at Positive Technologies reported an increase in attacks aimed at obtaining data, with more than half of the attacks aimed at stealing information. The most “in-demand” information remains personal data (28%) followed by credentials (25%), payment card information (16%) and medical records (9%).

Phishing still remains the most popular and efficient way of delivery malware (36%), however there are other routes used to distribute malware.

Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies said:

“For instance, users download a lot of files from torrent trackers, which increases the risk of malware infection exponentially; also, using files that pretend to be movies, attackers have been able to distribute software for swapping addresses of Bitcoin and Ethereum wallets at the moment when data is inserted from the exchange buffer.

“These new methods of attack demonstrate how creative and sophisticated attackers are becoming.”

In regards to organisations attackers most often attack government agencies (16%), medical institutions (10%) and industrial companies (10%).

Healthcare has become an extremely attractive and a favourite target for ransomware attacks, as “medical institutions often do not have an adequate information security budget”. Thus hospitals become an easy prey for hackers due to the weak protection.

Additionally hospitals store vast amounts of personal data, and hospitals are at risk of being fined for data breaches, hence many health organisations are forced to pay ransoms more willingly than businesses. It was found that 49% of attacks against healthcare organisations was for personal data, followed by medical records (41%). A total of 60% of the attacks targeted its infrastructure.

On a positive note, hidden mining has become less popular with the share of mining attacks decreasing from 9% in Q4 of 2018, to 7% in Q1 2019.

“As mining becomes less profitable, cybercriminals are forced to upgrade miners by extending their capabilities to those of multifunctional Trojans.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.