Ransomware attacks on healthcare facilities up 94%, study shows


Ransomware attacks on healthcare institutions have increased by 94% in the last year, according to the latest report, “The State of Ransomware in Healthcare 2022”, from Sophos, a global leader in next-generation cybersecurity.

The cybersecurity firm's 2022 research showed a clear increase: 66% of healthcare organizations were hit in 2021, up from 34% in 2020.

On the positive side, the study shows that healthcare organizations are improving their infrastructure to deal with these ransomware attacks: 99% of healthcare organizations hit by attacks got at least some of their data back after cybercriminals encrypted it during the attacks.

Additional healthcare ransomware findings from the Sophos study:

  • Healthcare organizations had the second highest average ransomware recovery cost at $1.85 million, taking an average of one week to recover from an attack.
  • 67% of healthcare organizations think cyberattacks are more complex, based on their experience of how cyberattacks have changed over the past year; the health sector had the highest percentage.
  • While healthcare organizations pay the ransom most frequently (61%), they are paying the lowest average ransoms, $197,000, compared to the global average of $812,000 (across all survey sectors).
  • Of the organizations that paid the ransom, only 2% got all of their data back.
  • 61% of attacks resulted in encryption, 4% less than the global average (65%).

"Ransomware in the healthcare space is more nuanced than other industries in terms of protection and recovery", said John Shier, Senior Security Specialist at Sophos, adding that "the data that healthcare organizations leverage is extremely sensitive and valuable, making it very attractive to attackers".


According to the cybersecurity company, more healthcare organizations (78%) are now opting for cyber insurance, although 93% of healthcare organizations with insurance coverage report having more difficulty obtaining policy coverage in the last year.

With ransomware being the biggest driver of insurance claims, 51% reported that the level of cybersecurity required to qualify is higher, putting a strain on healthcare organizations with lower budgets and fewer technical resources available.

Taking all this data into account, Sophos experts recommend the following best practices for all organizations in the healthcare sector:

  • Install and maintain high-quality defenses at every point in your organization's environment. Review security controls regularly and make sure they continue to meet the needs of the organization
  • Strengthen the IT environment by looking for and closing key security gaps: unpatched devices, unprotected machines, and open Remote Desktop Protocol ports. Extended Detection and Response (XDR) solutions are ideal to help close these gaps
  • Take backups and practice restoring them so your organization can get back up and running as quickly as possible with minimal disruption
  • Proactively hunt down threats to identify and deter adversaries before they can execute their attack – if the team doesn't have the time or skills to do so in-house, subcontract to a Managed Detection and Response (MDR) specialist
  • Prepare for the worst. Know what to do if a cyber incident occurs and keep the plan up to date

This Sophos study polled more than 5,600 IT professionals, including 381 respondents in medium-sized organizations (100-5,000 employees) in 31 countries.
