Ransomware attacks against healthcare companies are increasing, leaving hospitals and other care facilities’ data vulnerable to cyber-hackers’ demands
According to the cybersecurity company Sophos’s ‘The State of Ransomware in Healthcare 2022 report, 66 per cent of healthcare organisations were hit by ransomware attacks last year, up from 34 per cent in 2020.
Attackers have become “considerably more capable at executing the most significant attacks at scale” as evidenced by the near doubling of cyber-incidents.
Healthcare organisations are a common target for ransomware attacks because they largely rely on access to data, such as patient information, to keep their operations running smoothly. Even a short delay in access to records can result in negative patient outcomes.
According to the Sophos analysis, 61 per cent of the healthcare businesses who reported ransomware attacks had their data encrypted at the time.
This was an improvement from the healthcare industry’s 65 per cent encryption rate in 2020 and was marginally better than the 65 per cent encryption rate across all industry sectors globally. This “indicates that healthcare was better able to stop data encryption in a ransomware attack,” reported Sophos.
The findings are based on an independent “vendor-agnostic” survey of 5,600 information technology professions in medium-sized organisations, including 381 healthcare respondents across 31 countries.
The analysis also indicated a decrease in the frequency of extortion-only attacks, from seven per cent in 2020 to just four per cent in 2021. The data is not encrypted in extortion-only attacks, but the healthcare company was “held to ransom with the fear of data exposure.”
The increase in successful ransomware attacks has “affected healthcare more than any other sector,” according to Sophos, based in the United Kingdom. When compared to cross-sector averages, healthcare experienced the “greatest increase in the volume of cyber-attacks (69 per cent) as well as the complexity of cyber-attacks (67 per cent)”.
Almost 99 per cent of healthcare businesses that were the target of ransomware attacks in 2021 received “some encrypted data returned,” as opposed to only 93 per cent in 2020. — The Health
