Cybersecurity firm Emsisoft’s tally of publicly disclosed ransomware attacks in 2022 included 105 counties, 45 school districts, 44 colleges and universities, and over two dozen healthcare providers.
According to the research published on Jan. 2, the number of ransomware attacks on local and state governments, as well as the education sector, has remained relatively consistent since 2019.
However, Emsisoft pointed out that in 2022, only smaller governments — and not larger ones — appeared to be impacted by ransomware.
“This may indicate that larger governments are now making better use of their larger cybersecurity budgets, while smaller governments with smaller budgets remain vulnerable,” the cybersecurity experts said.
In the education sector, ransom attacks on school districts did not increase significantly, but the number of individual schools impacted nearly doubled. Most notable was the September attack on Los Angeles Unified School District – the second-largest district in the U.S.
The research highlighted that the malware attacks on 25 healthcare providers affected just under 300 hospitals, with data including protected health information being exfiltrated in 68 percent of these cases.
“The most significant concern in these incidents is, of course, the impact on medical outcomes,” Emsisoft said. “While the immediate disruption to critical services presents the most obvious risk to patients, outcomes may also be affected in the longer term as the effects of delayed procedures or treatments may not be apparent until weeks, months, or even years after the event.”
The firm concluded, saying that it’s “concerning” there hasn’t been a drop-off in ransomware despite U.S. and international efforts to limit the spread of the attacks. They said, “Counter-ransomware initiatives have included executive orders, international summits, increased efforts to disrupt the ransomware ecosystem, and the creation by Congress of an interagency body, the Joint Ransomware Task Force, to unify and strengthen efforts.”
“Despite these initiatives, ransomware appears to be no less of a problem,” the firm said.