Printer Friendly, PDF & Email

Outlook 2023: Ransomware Threats Multiply as Rogue Nation-States Sponsor More Attacks

Ransomware—including increased attacks from criminal groups affiliated with rogue nation-states such as Russia and North Korea—will continue to dominate the health care security landscape as 2023 gets underway and the COVID-19 pandemic begins to fade into the rearview mirror, cybersecurity experts said.

In addition, the proliferation of Internet of Things (IoT) devices across health care likely will lead to new breaches, and privacy and security issues surrounding web trackers such as Meta Pixel will draw scrutiny to code on organizations’ web pages and apps, the experts said.

The anticipated threats for 2023 evolved from those prevalent over the past several years, said Michael Hamilton, co-founder and chief information security officer of security firm Critical Insight. “Threats will continue from mainly criminal groups known for intentionally targeting the health sector,” Hamilton told RPP. “However, there are now three nation-states engaged in theft and extortion using cyber methods and changing tactics by state-sponsored actors may create new urgency.”

For example, Hamilton said, “China has been found to have engaged in COVID relief fraud, the FBI is warning that the Sandworm group—also state-directed by Russia—will be using ransomware, and North Koreans are responsible for billions in direct losses. Disruption in the health sector also serves the strategic goals of these countries. I think nation-state actors will be moving up as a threat priority to the sector.”

Business email compromise will be the most important HIPAA security issue in 2023, Hamilton said, adding, “[it’s] not because of regulatory penalties, but because hospitals are struggling financially, and any direct monetary loss could be existential to small organizations. There is also more money lost to [such incidents] than ransomware, and tactically it is simpler to execute.”

This document is only available to subscribers. Please log in or purchase access.

Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field