Ransomware attacks hit over 200 US public sector organizations last year

ID theft
(Image credit: Future)

Over the course of 2022, more than 200 large public sector organizations in the United States were impacted by ransomware attacks. 

Cybersecurity experts Emsisoft claims firms in the government, education, and healthcare industries were most affected, having scoured publicly available reports, disclosure statements, but also dark web leaks, and third-party intelligence. 

In about half of the discovered incidents, the threat actors made away with sensitive data.

Hiding the incidents

Detailing the attacks that happened last year, a total of 105 counties were targeted with ransomware, as well as 44 universities and colleges, 45 school districts, and 24 healthcare providers. 

Despite extensive research, the company says that the numbers are likely inconclusive, as not all organizations are eager to disclose cybersecurity incidents. Compared to private companies, public organizations are more likely to share the details of such incidents, but it’s still likely that some incidents were kept hidden. 

“The reality is that nobody knows for sure whether the number of attacks are flat or trending up or down,” Emsisoft said in its report.

Besides undisclosed and hidden incidents, there are also incidents that might have been unfolding as Emsisoft prepared its report, such as the CentraState Medical Center attack which was allegedly taking place on December 30, 2022. Back then, the organization announced stopping admitting patients “due to a cybersecurity issue”.

Ransomware operators are usually hesitant when it comes to attacking healthcare providers, as a potential fatal outcome would probably spell the end for their operations, and freedom, altogether.

Over the weekend, the LockBit ransomware operators distanced themselves from an affiliate that targeted the SickKids hospital for sick children, claiming they violated their rules by attacking a healthcare organization. The group apologized for the incident and provided the decryptor.

Via: BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.