The United States could be under attack. In 2020, the country experienced 1,389 ransomware attacks, averaging 3.8 attacks per day.
A year later, the number of attacks had risen to 2,690, representing a 92.7 percent increase, according to Security Magazine.
This year, things have gotten considerably worse. In the last 12 months, ransomware attacks have risen by 13 percent. More worryingly, an increasing number of hospitals are being targeted by bad actors.
The aim of these attacks? To disrupt the very places that provide vital services to people in need.
Every 11 seconds, somewhere in the world, a ransomware attack occurs. These attacks, which have become increasingly sophisticated over the years, implant malware or malicious software that blocks access to vital data and/or computer systems.
To gain access, the perpetrators must be paid a sizeable ransom. Of all the countries in the world, the United States is the No. 1 target.
In 2019, educational institutes were the No. 1 target for attackers. In 2020, however, cybercriminals switched their attention to the country’s clinics, hospitals, and health care organizations. Since then, attacks on medical facilities have increased in both size and sophistication.
The year 2020 saw COVID bring the country (and the world) to a screeching halt. Uncoincidentally, it also happened to be the year that cybercriminals really started to zero in on hospitals.
According to a 2021 cyber threat report by U.S. cybersecurity company SonicWall, the pandemic was a time when the healthcare sector simply couldn’t afford to pause operations. In other words, when healthcare facilities were attacked, and attackers demanded to be paid, the victims had little option but to comply.
According to Bret Callow, a well-respected cyber threat analyst, in the space of 24 months, between the start of 2020 and the end of 2021, 168 different ransomware attacks occurred, affecting more than 1,700 clinics, hospitals, and health care organizations across the country.
In mid-June, Yuma Regional Medical Center, a hospital in Yuma, Arizona, notified patients about a potentially lethal ransomware attack that occurred in April. One wonders why it took the hospital a month and a half to notify their patients, but I digress. Patients’ names, Social Security numbers, health insurance information, and medical information were compromised. More than 700,000 patients were affected by the attack.
Why target hospitals? A better question to ask is, why not target hospitals? All is fair in love and war, as they say. Make no mistake about it; this is war. Ransomware attacks are now the weapon of choice for cybercriminals. Moreover, hospitals are places where people, many of whom are in desperate need of assistance, congregate.
An attack on U.S. hospitals is really an attack on the country’s most vulnerable citizens. Such attacks are deadly serious. The operative word in the previous sentence is deadly.
In the words of John Riggi, a cybersecurity and risk specialist at the American Hospital Association (AHA), ransomware attacks “are threat-to-life crimes because they directly threaten a hospital’s ability to provide patient care, which puts patient safety at risk.”
Ransomware attacks have forced a number of hospitals to delay chemotherapy treatment for cancer patients; they have also prevented hospitals from returning lab results and offering services to pregnant mothers. Ransomware attacks, as research carried out by the Ponemon Institute think tank has shown, have played a direct role in the death of patients.
Identifying the Culprits
Which begs another question: who is behind these ransomware attacks?
Well, there’s reason to believe that bad actors from China and Russia have played, and continue to play, significant roles in executing these dangerous attacks.
Last year, Jackie Drees, a writer who covers all things cyber, discussed the many ways in which cybercriminals “with connections to China” were actively targeting “U.S. healthcare and genomic data by hacking and other extraction methods.”
She noted that the theft of private data from the American people poses “serious risks, not only to the privacy of Americans, but also to the economic and national security of the U.S.”
This fact is not lost on Russian hackers. For years, a group by the name of Wizard Spider has targeted several U.S. hospitals. In 2020, the FBI warned U.S. healthcare providers that the group possessed ransomware capable of freezing entire computer networks. In truth, Kremlin-backed hackers are always targeting the United States—they never stop.
Sadly, as the abovementioned Drees noted in her piece, for such a powerful country, the United States has remarkably poor “safeguards on medical and health data.” More recently, Politico published a piece lamenting the proliferation of “poorly secured medical technology.” The United States has shoddy physical infrastructure—potholes, grid failures, and collapsing bridges. The country’s cyber infrastructure is also in a dire state.
Unless things change, and unless they change soon, these cyberattacks will continue. Furthermore, as these attacks become more aggressive in nature, an increasing number of innocent Americans will suffer.
Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.