Ransomware attacks on the U.S. government sector, education and healthcare sectors impacted over 200k larger companies in 2022.
The ransomware attack on hackers involved about half the data stolen according to publicly accessible reports, disclosure statements and leaks from the dark web.
Ransomware attacks are not well understood
According to available data, ransomware in the United States affected 105 counties and 44 universities and college, 45 school districts and 24 health care providers.
These statistics were compiled by Emisoft, a cybersecurity company. They highlight that not all victims are disclosed – in both the public and private sectors – and may be omitted entirely by researchers.
Therefore, it is important to be conservative with the data in the annual report on ransomware use in America. They cannot accurately represent a trend.
Incidents affecting public sectors are less likely to be reported, which allows for consistent data. Researchers believe this could be a clue to ransomware activities in the private sector.
“The truth is, nobody can tell for certain whether there are any attacks that have fallen or trended up or down.”
Ransomware affected 105 counties
Ransomware attacks against local governments increased from 77 to105 in 2021. However, the numbers are not significantly different than the years prior, when there were 113 instances.
Researchers note that 2022’s figure was “dramatically affected” by a single ) that spread to 55 other counties.
Emsisoft points out that Quincy (Massachusetts) was the only local government known to have paid hackers in 2022. They lost $500,000
At least 27 incidents involved hackers who stole victims’ data.
In 58 cyberattacks on educational organizations, hackers stole data
Ransomware infected 89 educational institutions in the U.S. 44 colleges and universities, 45 school districts and stole data in at most 58 attacks.
While there are less than 100 ransomware attacks in this sector overall, more than 2000 organizations could be impacted since 1,981 schools have been affected by the ransomware.
Los Angeles Unified school District was made one of its most important targets for 2022.
Emisoft claims that hackers demanded ransom from three education organizations. The Glenn County Office of Education was one of the victims. It in ransom to Quantum Threat actors to retrieve encrypted data.
Ransomware could affect 290 hospitals
According to Emsisoft research, it is difficult to track ransomware attacks in healthcare, mainly because of unclear disclosures.
They did not count attacks on multi-hospital systems or hospitals, and that added up to 24 by 2022.
Although the number of affected hospitals is small, it has a much larger impact, possibly affecting 289. was the most prominent healthcare organization to be attacked. It runs over 140 hospitals and exposes data on 623,000 patients.
Researchers at Emsisoft claim that hackers have stolen files from 17 cases involving the healthcare industry.
According to the company, these statistics don’t give a complete picture of ransomware attacks on the public sector. “There will be some instances that didn’t come to our attention,” the report states.
Some attacks could have continued to be ongoing, but they were not reported or classified at the time the data was compiled. The was one example. It stopped accepting patients Friday, December 30, 2022 “due to cybersecurity issues”.
Emsisoft has provided some insights into ransomware activities in public sectors and compares them to previous years’ statistics.