Health sector faces cyber onslaught

Nation-state cyber threat actors are expected to acquire and flex new offensive cyber capabilities in 2023, with the health sector a key threat, according to cyber risk analytics specialist CyberCube.

In a new report, CyberCube anticipates there will be further attempts to compromise IT supply chains and geopolitical targets such as government agencies and non-government organisations​. 

Chinese threat actors are expected to engage in zero-day exploitation and disclosure and a heightened level of nation-state targeting of critical infrastructure targets worldwide is anticipated.

The research, CyberCube’s Global Threat Briefing: Update on cyber threat actor activity and expectations, identifies areas that the (re)insurance and broking community need to focus on. Utilising CyberCube’s Exposure Databases to enable (re)insurers and brokers to perform a wide array of benchmarking, sensitivity, and real-time analyses for cyber risks, it warns that healthcare, arts & entertainment, and manufacturing​ are sectors demonstrating high exposure and low security​ scores. 

In particular, CyberCube suggested, healthcare remains under-secured relative to its inherent exposure and more attacks are expected in 2023​.

The report examines criminal cyber threat activity and predicts the overall volume of ransomware and extortion attacks in the first six months of 2023 is likely to be on par with 2022.​ It also states there will be increased targeting of critical civilian infrastructure in Ukraine.

William Altman, report author and cyber threat intelligence principal, said: “As Russia faces mounting losses, attacks on critical Ukrainian civilian infrastructure could intensify. This includes attacks on public and local authorities. Cyber security will be critical to defending civilian life, including in the energy, financial, communications, and vital software sectors in Ukraine.”