Coronavirus Leads to A Drop in Ransomware Attacks, But Hospitals Still Vulnerable Author: Sherlock Gomes Last Updated: 16 April 2020 A new report from Chainalysis suggests that the number of ransomware attacks has dropped considerably in March when the coronavirus pandemic gripped the world. A significant drop in attacks Chainalysis said that witnessing a drop in ransomware attacks during the period was significant because many experts were concerned about ransomware attacks on hospitals and other healthcare units which could create further troubles during a crisis. Ransomware attackers frequently target hospitals. According to security software provider Emsisoft, 764 US-based healthcare providers suffered an attack in 2019 alone. In March, Emsisoft was vocal about its concerns, imploring ransomware gangs and asking them to stop targeting hospitals at a time of crisis. It said that an attack could have potentially fatal impacts on the current scenario. According to a senior economist at Chainalysis Kim Grauer, hospitals were still being attacked even though the number of instances has dropped. He noted that admins of some of the active attacking strains like “maze” and “dopplepaymer” have publicly said that they will not be attacking hospitals at this time. However, hospitals continue to be targeted. “This is probably because they [hospitals] can’t afford to lose access to vital, often sensitive patient data and therefore are considered more likely to pay up, especially during a health crisis,” he added. Drop in the USD value of crypto sent to ransomware addresses Apart from a drop in the number of overall attacks, the USD value sent to ransomware addresses has also dropped. In February, the figure approached $2 million but in March it went down to $500,000. The total number of addresses also fell in March. However, the onchain data is not comprehensive because they do not know all ransomware addresses. Grauer said that the results are indicative in nature. He noted that quantifying the total number of ransomware incidents is a problem because there is a lot of underreporting of issues. He also said that things have not changed fundamentally for criminals who have been carrying out such attacks in the past few months. The findings of Chainalysis were backed by Coveware CEO Bill Siegel. He said that there isn’t a major increase in the number of attacks. However, he noted that there is a rise in the number of phishing emails using terms related to COVID-19 or trying to capitalize on the pandemic.