In 2022, ransomware attacks impacted over 200 large organizations in the US public sector, including the government, education, and healthcare sectors.

According to data gathered from available public reports, disclosure statements, dark web leaks, and third-party intelligence, hackers stole data in roughly half of these ransomware attacks.

There is no clear picture of ransomware attacks.

According to available data, the ransomware threat affected 105 counties, 44 colleges, and universities 45 public schools, and 24 healthcare providers in the United States.

Emisoft, a cybersecurity company, compiled these statistics, emphasizing that not all victims – fewer in the public sector and more in the private sector – disclose such incidents, and some may have escaped the researchers’ notice.

As a result, the figures in the year-end report on the condition of ransomware in the United States should be regarded as conservative, as they are unable to precisely form a trend.

As a result, the researchers believe that this data could point to malware action in the private industry.

“The reality is that no one knows for certain whether the number of incidents is flat, increasing, or decreasing.”- Emisoft.

Ransomware affected 105 counties

Ransomware attacks on local authorities increased from 77 to 105 in 2021, but the number is not significantly distinct from the previous year, which documented 113 incidents.

According to the researchers, the figure for 2022 was “dramatically affected” by a specific instance in Miller County, Alaska, which spread to computer systems in 55 different counties.

According to Emsisoft, Quincy, MA, was the sole known city authority to pay the hackers in 2022, losing $500,000 to them.

At least 27 of these cases occurred with hackers stealing data from victims.

Hackers stole data in 58 attacks on educational orgs

In the United States, the ransomware infected 89 organizations in the education sector, including 44 universities and colleges and 45 school districts, and attackers stole data in at least 50 attacks.

Also read Researchers Discover a New Metador APT that Targets Universities, ISPs, and Telcos.

Even though the overall number of ransomware attacks in this sector is less than 100, the number of potentially impacted organizations is more than 2,000 because the affected school districts operate 1,981 schools.

The Los Angeles Unified District was among the most potential leads in 2022, according to the Vice Society malware gang.

According to Emisoft, three educational organizations paid the hackers a ransom. The Glenn County Office of Education was one of them, having paid the Quantum threat actors $400,000 to recover encrypted data.

290 hospitals potentially affected by ransomware

The report by Emsisoft researchers states that monitoring ransomware instances in the healthcare industry is more difficult, owing to unclear disclosures.

Also read Iranian Threats to the Healthcare Sector: Federal Authorities.

As a result, they only counted attacks on health facilities and multi-hospital health systems, which also totaled 24 in 2022.

Despite the low number, the effect is much greater, potentially affecting up to 289 hospitals. The most notable healthcare entity targeted was CommonSpirit Health, which operates over 140 hospitals and exposed the data of 623,000 patients.

According to Emsisoft researchers, hackers stole files in 17 occurrences involving the healthcare sector.

According to the company’s report, these statistics do not provide a full picture of ransomware attacks in the government sector because “there will be a few incidents that did not come to our attention.”

Furthermore, there are few attacks ongoing, unredacted, or underreported at the time while compiling the data. CentraState Medical Center, for example, ceased confessing patients on Friday, Dec. 30, 2022, “due to a cybersecurity issue.”

Nonetheless, Emsisoft’s report offers a glimpse into malware activity in the government sector and how this compares to previous years’ statistics.