Ransomware attackers have increasingly turned to malicious encryption within the healthcare sector, with a recent report from security firm Sophos indicating that 75% of ransomware attacks on healthcare organizations successfully encrypted data. This marks a worrying trend, as attackers have become more skilled and innovative in their approaches, reducing the ability of healthcare entities to thwart such attacks.
While in 2022, 34% of healthcare organizations managed to disrupt a ransomware attack before their data was encrypted, that number dropped to just 24% this year. The study, based on a survey of 3,000 IT and cybersecurity organizations across 233 healthcare entities, highlights the continuing threat ransomware poses to the healthcare sector.
The healthcare industry’s low levels of cybersecurity spending, particularly in rural or underserved communities, have made it a prime target for cyberattacks. This is exacerbated by the fact that many medical organizations prefer to pay ransoms rather than risk losing access to patient data, despite the potential consequences for patient care.
Ransomware attacks can disrupt clinical settings and negatively impact patient outcomes, as highlighted in a September 2021 alert by the Cybersecurity and Infrastructure Security Agency. However, there is some positive news as the rate of successful ransomware attacks on healthcare organizations has slightly decreased this year, even though the average ransom payout remains significant, with a median of $2.5 million.
The report also indicates that 90% of ransomware attacks on healthcare entities occur after regular business hours, as attackers aim to maximize their chances of success. The primary method ransomware-wielding hackers use to breach healthcare networks is compromised credentials, followed by vulnerability exploits.
The evolving sophistication of ransomware attacks and the speed with which cybercriminals attempt to penetrate corporate networks and deploy crypto-locking malware create significant challenges for the healthcare sector.
Despite these challenges, there has been a slight reduction in both the number of healthcare organizations impacted by ransomware and the number of those choosing to pay ransoms compared to the previous year.