Healthcare hit hardest by ransomware last year, FBI IC3 report shows

March 12, 2024 - The healthcare sector suffered more ransomware attacks than any other critical infrastructure sector last year, according to complaint data examined in the Federal Bureau of Investigation’s 2023 Internet Crime Report.

Every year, the FBI’s Internet Crime Complaint Center (IC3) receives thousands of complaints and compiles them into an annual report to shed light on cybercrime trends. In 2023, IC3 received a record 880,418 complaints, with losses exceeding $12.5 billion. These figures signify a 10 percent increase in complaints received and a 22 percent increase in losses suffered compared to last year’s report.

IC3 received 1,193 complaints from critical infrastructure organizations alone in 2023. Those complaints spanned 14 of the 16 critical infrastructure sectors, and 249 of them were from healthcare. Critical manufacturing followed, with 218 logged complaints.

These figures could be partially explained by the healthcare sector’s willingness to report these attacks to the authorities. The IC3’s report noted that the FBI has long faced challenges in quantifying the true number of ransomware victims, as many go unreported.

What’s more, the top ransomware variants observed in 2023 attacks were LockBit and ALPHV/BlackCat, two groups that are known for targeting healthcare. LockBit accounted for 175 of the critical infrastructure ransomware attacks reported to IC3, and ALPHV/BlackCat was associated with 100 attacks.

“Profit-driven cybercriminals and nation-state adversaries alike have the capability to paralyze entire school systems, police departments, healthcare facilities, and individual private sector entities,” IC3 emphasized.

“The FBI continues to combat this evolving cyber threat. Our strategy focuses on building strong partnerships with the private sector; removing threats from US networks; pulling back the cloak of anonymity many of these actors hide behind; and hitting cybercriminals where it hurts: their wallets, including their virtual wallets.”

Overall, ransomware was a widespread issue across IC3’s complaint database. More than 2,800 of the 2023 complaints pertained to ransomware, representing an 18 percent increase from 2022. In addition, reported losses from ransomware attacks rose 74 percent, from $34.3 million to $59.6 million.

“Cybercriminals continue to adjust their tactics, and the FBI has observed emerging ransomware trends, such as the deployment of multiple ransomware variants against the same victim and the use of data-destruction tactics to increase pressure on victims to negotiate,” IC3 noted.

As ransomware continues to impact businesses at alarming rates, the FBI has doubled down on its efforts to curb ransomware gangs and recover assets lost to financial fraud. In 2023, the FBI’s Recovery Asset Team (RAT) initiated the Financial Fraud Kill Chain (FFKC) on more than 3,000 incidents, saving millions of dollars from financial fraud schemes.

“As the cyber threat continues to evolve, the FBI remains appreciative of those who report cyber incidents to IC3. Information reported to the FBI helps advance our investigations. Your reporting is critical for our efforts to pursue adversaries, share intelligence with our partners, and protect your fellow citizens,” the FBI continued.

“Cybersecurity is the ultimate team sport, and we are in this fight together. The FBI is committed to fostering greater security in a digitally connected world, and we are eager to work with the American public to defeat cyber adversaries and bring criminals to justice.”