COVID-19 , Critical Infrastructure Security , Cybercrime

Impact of 'Weaponization of Data' Attacks on Healthcare

Adam Meyers of CrowdStrike on Evolving Global Healthcare Sector Cyberthreat Trends
Impact of 'Weaponization of Data' Attacks on Healthcare
Adam Meyers, vice president of threat intelligence, CrowdStrike

The "weaponization of data" in cyberattacks - where cybercriminals not only deploy ransomware but threaten to release stolen data on the internet - has quickly become one of the biggest threats facing many healthcare sector entities, says Adam Meyers, vice president of threat intelligence at CrowdStrike.

CrowdStrike found a 82% increase in ransomware attacks in 2021 - compared to 2020 - that involved the "weaponization of data," or theft of data that attackers threatened to leak on the internet if ransom demands were not met, Meyers says in an interview with Information Security Media Group discussing highlights of CrowdStrike's recently issued 2022 Global Threat Report.

"The weaponization of data, particularly in the healthcare sector, can have really profound impact on a victim, especially having to do with HIPAA-[covered] data," he says. "The ransom demand probably pales in comparison to the cost of dealing with the litigation and the regulatory and compliance issues that come."

Data weaponization is a way for attackers to establish control over the attack situation, especially since many organizations hit with ransomware encryption have refused to pay ransoms if they're able to restore their affected data through backups, Meyers says.

Sub-Targets

While some organizations - such as doctor practices and hospitals - have become a hot spot for ransomware and data leak attacks, Meyers says other healthcare sector players - such as pharmaceutical companies and medical research and development entities - have become the bull's-eye for attacks involving intellectual property theft, especially during the COVID-19 pandemic.

"We've observed numerous nation-state actors targeting those types of organizations," he says.

In the interview (see audio link below photo), Meyers also discusses:

As CrowdStrike's senior vice president of intelligence, Meyers directs a geographically dispersed team of cyberthreat experts tracking criminal, state-sponsored and nationalist cyber adversary groups across the globe to product actionable intelligence. He also oversees the development and deployment of AI, machine learning, reverse engineering, natural language processing and other technologies to detect suspicious and malicious cyber behavior.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.