More than 200 government, education, and healthcare organizations in the United States fell victim to ransomware in 2022, data gathered by cybersecurity firm Emsisoft shows.
At a US-led summit in 2021, roughly 30 nations vowed to intensify the battle against ransomware, but ransomware groups remain a constant threat to both public and private sectors in the US and abroad.
Last year, 105 local governments in the US were hit with ransomware, along with 44 universities and colleges, 45 school districts, and 25 healthcare providers. The attacks on these school districts impacted more than 1,900 individual schools, while the healthcare provider incidents hit 290 hospitals.
Based on publicly available reports, Emsisoft’s statistics show that the number of impacted organizations has remained constant over the past four years.
The cybersecurity company notes, however, that “not all incidents are made public, even in the public sector and, consequently, the true number of incidents in all sectors of the economy is and has always been higher than reported.”
Of the 105 known ransomware incidents involving state or municipal governments or agencies in 2022, at least 27 also resulted in a data breach.
One major ransomware incident involving a government organization occurred in Miller County, AK, where malware spread from a compromised mainframe to systems in 55 different counties. Data was stolen from all of them.
Compared to previous years, when major cities such as Baltimore and Atlanta were targeted with ransomware, only smaller governments fell victim to such cyberattacks in 2022.
Of the 89 education sector organizations that suffered a ransomware attack last year, 58 also suffered a data breach following the incident. The most significant attack targeted the Los Angeles Unified School District, impacting over 1,300 schools and 500,000 students.
The most significant of the 25 ransomware incidents involving hospitals and multi-hospital health systems was the attack on CommonSpirit Health, which impacted roughly 150 hospitals. Protected health information (PHI) was stolen in at least 17 of the incidents.
The number of paid ransom demands decreased significantly last year, with only one government organization known to have paid a ransom in 2022. At least three education organizations are known to have paid up.
While the number of ransomware attacks directly targeting government, education, and healthcare organizations remained on par with previous years, the actual impact of ransomware on these sectors was much higher.
Cyberattacks targeting private sector companies providing services to these sectors – such as payroll, IT, and other service providers – also had an impact, in some cases leading to disruptions and data breaches.