Ransomware Attacks Increasingly Target Critical Infrastructure

An early August ransomware attack against a California-based network of healthcare organizations forced hospitals across four states to close their emergency rooms, divert patients to other facilities and take their computer systems offline. The attack on Prospect Medical Holdings is the latest in a concerning escalation of attacks on healthcare and other critical infrastructure sectors.

Ransomware Attacks Increasingly Target Critical Infrastructure

More than one-third of the ransomware attacks reported last year targeted critical infrastructure sectors such as healthcare, energy, manufacturing, government facilities and financial services, according to the FBI’s most recent Internet Crime Complaint Center annual report. Analysts say these attacks raise alarms about the vulnerability of essential services and underscore the urgent need for heightened cybersecurity measures.

Several factors contribute to rising attacks on critical infrastructure. The increased interconnectedness of IT systems has expanded the attack surface and created new vulnerabilities. Additionally, these industries usually have limited tolerance for disruption, making them more willing to pay a ransom to restore operations quickly.

In many cases, attacks on critical infrastructure have geopolitical motivations. These sectors are so vital that their disruption could lead to widespread chaos with far-ranging impacts on national security, public health, safety and financial markets.

Here’s a closer look at how ransomware groups are targeting specific industries:



Hospitals and healthcare providers have become particularly enticing targets due to the vast amount of sensitive data they collect, process and store. Nearly half (47 percent) of healthcare organizations surveyed by the Ponemon Institute say they experienced a ransomware attack in the past two years. Cybercriminals understand that the urgent nature of medical care creates an incentive for healthcare firms to pay ransoms quickly to minimize disruption of critical services.

Even when attacks are resolved quickly, ransomware negatively impacts patient care. Twenty-one percent of Ponemon respondents said ransomware attacks adversely affected mortality rates. Seventy percent said patients had to be transferred or diverted to other facilities, and 68 percent said the attacks led to longer hospital stays.



The energy sector is an obvious target, given its critical importance, the potential for large financial gains and the severe societal impact that disruptions can cause. According to one study, nearly 70 percent of oil and gas firms have experienced cyberattacks that exposed confidential information or disrupted operations.

More than one-third of the ransomware attacks reported last year targeted critical infrastructure sectors.

Attacks on power grids, oil refineries, distribution systems and other critical components disrupt the flow of energy and pose safety and economic risks to surrounding communities. For example, the 2021 Colonial Pipeline ransomware attack shut down the flow of petroleum products between Texas and the East Coast for a week, drove gas prices to their highest levels in years and led President Biden to declare a state of emergency.



Manufacturing firms often rely on a blend of legacy and modern technology systems, which can result in uneven levels of cybersecurity. Outdated or insufficiently protected systems present a prime target for ransomware gangs. More than half of the manufacturing companies surveyed recently by the cybersecurity firm Sophos report that they were hit with a ransomware attack in the first quarter of 2023. In some cases, these attacks halted production lines, disrupted supply chains and undermined the company’s economic stability.


Public Sector

City and state government agencies are frequently targeted because they lack adequate security systems and support, and often run unsupported software on outdated systems. High-value data is another reason — agencies store information not only for the people they employ and serve but also for a huge number of businesses that do contract work. For malicious actors, these agencies are fantastic sources of wage and tax data that can be used to commit tax fraud.



As ransomware attacks evolve in scale and sophistication, organizations can safeguard critical infrastructure with a multilayered cybersecurity strategy that integrates key elements of network security. The cybersecurity professionals at GDS can help you design, deploy and manage an integrated security environment. Contact us to learn more.




Benefits of Managed IT Services from Global Data Systems

  • Strategic Managed IT: We help you solve your technology related business problems.
  • Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
  • Support: When you need help simply call our 24x7x365 support number.
  • Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.

Contact Managed Services Provider, Global Data Systems >