Cyber Threats Escalate Against Healthcare

- The North Korean state-sponsored Lazarus Group, previously known for the 2014 Sony Pictures hack and the 2017 WannaCry ransomware attack, has a history of financially motivated cybercrime to circumvent international sanctions. - Medusa ransomware operates on a Ransomware-as-a-Service (RaaS) model, where affiliates use the malware in exchange for a share of the profits, a structure that has enabled over 366 claimed attacks since its emergence in 2023. - The breach at Vicor Scientific originated with one of its vendors, Catalyst RCM, a revenue cycle management company; the Everest ransomware group claimed responsibility and leaked the stolen data after a ransom was not paid. - Compromised data from the Vicor Scientific vendor breach included patient names, dates of birth, diagnoses, medical treatment history, health insurance information, and payment card details with access codes. - Ransomware attacks have a direct impact on patient care, with one survey showing they can lead to longer hospital stays, delays in medical procedures, and an increase in patient mortality rates. - Third-party vendors are a significant weak point; in 2023, 58% of all individuals impacted by healthcare data breaches were the result of an attack on a business associate or vendor. - The healthcare sector is the most targeted industry for third-party breaches, accounting for 41% of such incidents in 2024. - Generative AI has led to a 1,200% increase in phishing attacks since late 2022, as it allows attackers to create customized phishing campaigns and malicious payloads at a large scale.