New analysis by Comparitech shows that government entities remain a frequent target for ransomware gangs.
Of the 39 confirmed attacks — where the organization publicly acknowledges what’s happened — in April, 21 were on businesses, nine on government entities, six on healthcare companies and three on educational institutions.
Among 440 unconfirmed attacks — claimed by the ransomware gang but not admitted by the target — 396 were on businesses, 16 on government entities, 16 on healthcare companies and 11 on educational institutions.
Rebecca Moody, head of data research at Comparitech, writes on the company’s blog, “Government entities remain a frequent target for ransomware gangs. Ransomware figures in this sector remain high despite lower attack figures overall. Meanwhile, healthcare companies saw an increase in confirmed attacks.”
Qilin has been the most prolific ransomware strain in April with 67 attacks. Qilin’s rise might have something to do with RansomHub going dark last month. RansomHub’s affiliates may have migrated to Qilin, with such an increase in the number of attacks claimed by Qilin in April (up from 45 in March), making this a plausible scenario.
Among attacks on government bodies Rhysida hit the Oregon Department of Environmental Quality (DEQ) with a $2.7 million ransom demand that DEQ has since confirmed it refused to pay. Three other US bodies were hit in April — the Arizona Federal Public Defender’s Office, DuPage County, and Hamilton County Sheriff’s Office. No hackers have claimed these attacks as of yet.
Elsewhere in the world the Prague City Service Administration was hit by Cicada3301, while Spanish municipality Badajoz, Mexican water utility company SIAPA, and two Belgian social welfare centers (one in Rebecq and one in Jemeppe-sur-Sambre) were hit by unknown hackers.
You can read more, including detials of attacks on other sectors, on the Comparitech site.
Image credit: Benjawan Sittidech/Dreamstime.com
