Ramsomware attacks
Photo by Tima Miroshnichenko on Pexels.com

Ransomware attacks on healthcare organisations increased 94% – survey

In 2021, 66% of healthcare organisations were hit by ransomware attacks and 34% were hit the previous year. This is a 94% increase in ransomware attacks on the organisations according to Sophos, a global leader in next-generation cybersecurity, in a new published sectoral survey report called “The State of Ransomware in Healthcare 2022.”

photo 2021 01 27 16 02 06

Protect your small business effortlessly with Kaspersky

No IT specialist? No worries!

  • Security software specially designed to meet the needs of small businesses
  • Benefit from flexible, affordable options to save you money and resources
  • Protect what you value most with no extra effort

The silver lining, however, is that healthcare organisations are getting better at dealing with the aftermath of ransomware attacks, according to the survey data. The report shows that 99% of those healthcare organisations hit by ransomware got at least some of their data back after cybercriminals encrypted it during the attacks.

5 reliable healthcare apps for providers

Additional ransomware findings for the healthcare sector include:

  • Healthcare organisations had the second-highest average ransomware recovery costs with $1.85 million, taking one week on average to recover from an attack
  • 67% of healthcare organisations think cyberattacks are more complex, based on their experience of how cyberattacks changed over the last year; the healthcare sector had the highest percentage
  • While healthcare organisations pay the ransom most often (61%), they’re paying the lowest average ransoms, $197,000, compared with the global average of $812,000 (across all sectors in the survey)
  • Of those organisations that paid the ransom, only 2% got all their data back
  • 61% of attacks resulted in encryption, 4% less than the global average (65%)
55218768 2185410344859817 5489801483777998848 n

Grow your medium business free from cyber attacks

Save resources on Kaspersky enhanced business solutions against cyber threats

  • Tier upgrades: scale as your business grows
  • Сloud-native: fast and effortless protection
  • Full platform coverage: get security for any endpoint

Ransomware attacks on healthcare space more than other industries

“Ransomware in the healthcare space is more nuanced than other industries in terms of both protection and recovery,” said John Shier, senior security expert at Sophos.

“The data that healthcare organisations harness is extremely sensitive and valuable, which makes it very attractive to attackers. In addition, the need for efficient and widespread access to this type of data – so that healthcare professionals can provide proper care – means that typical two-factor authentication and zero trust defence tactics aren’t always feasible. This leaves healthcare organisations particularly vulnerable, and when hit, they may opt to pay a ransom to keep pertinent, often lifesaving, patient data accessible. Due to these unique factors, healthcare organisations need to expand their anti-ransomware defenses by combining security technology with human-led threat hunting to defend against today’s advanced cyberattackers.”

Insurance claims high due to ransomware attacks on healthcare organisations

More healthcare organisations (78%) are now opting for cyber insurance, but 93% of healthcare organisations with insurance coverage report finding it more difficult to get policy coverage in the last year.

With ransomware being the single largest driver of insurance claims, 51% reported the level of cybersecurity needed to qualify is higher, putting a strain on healthcare organisations with lower budgets and less technical resources available.

49035880 2061367923930727 6755124387055140864 n

Enterprise security you can trust

Get adaptive protection against advanced threats targeting your business

Kaspersky Enterprise Security

We’re here to help in any way that works for you

Security Foundations

For every organization

Products and services that automatically block the most threats

Optimum Security

For small IT security teams

Products and services that protect against evasive threats

Expert Security

For fully-formed IT security and SOC teams

Extended detection and response to confront complex and APT-like attacks

Best practices for all organisations to prevent ransomware attacks

In the light of the survey findings, Sophos experts recommend the following best practices for all organisations across all sectors:

  • Install and maintain high-quality defences across all points in the organisation’s environment. Review security controls regularly and make sure they continue to meet the organisation’s needs
  • Harden the IT environment by searching for and closing key security gaps: unpatched devices, unprotected machines and open Remote Desktop Protocol ports. Extended Detection and Response (XDR) solutions are ideal for helping to close these gaps
  • Make backups, and practise restoring from them so that the organisation can get back up and running as soon as possible, with minimum disruption
  • Proactively hunt for threats to identify and stop adversaries before they can execute their attack – if the team lacks the time or skills to do this in house, outsource to a Managed Detection and Response (MDR) specialist
  • Prepare for the worst. Know what to do if a cyber incident occurs and keep the plan updated

The State of Ransomware in Healthcare 2022” report is available on Sophos.com.

The State of Ransomware in Healthcare 2022 survey polled 5,600 IT professionals, including 381 healthcare respondents, in mid-sized organisations (100-5,000 employees) across 31 countries.

Corporation hunters: Top 5 ransomware groups

The most active groups targeting companies, encrypting data, and demanding ransom.

The estimated global damage from ransomware attacks is 2020 is an estimated $20 billion 😱 These are the top 5 culprits.

Additional resources

  • Learn more about the global prevalence and impact of ransomware across industries including healthcare, government and education amongst others in the State of Ransomware 2022
  • Tactics, techniques and procedures (TTPs) for different types of ransomware are available on SophosLabs Uncut, the home of Sophos’ latest threat intelligence
  • Information on attacker behaviours, incident reports and advice for security operations professionals are available on Sophos News SecOps
  • Learn more about Sophos’ Rapid Response service that contains, neutralises and investigates attacks 24/7

About Sophos

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organisations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats.

Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks.

Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralised data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors.

Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, UK. More information is available at www.sophos.com.

_____________________________________

Every month in 2022 we will be giving away one PlayStation 5. To qualify like us on Facebook, TikTok and Subscribe to our Sweet TnT Magazine YouTube channel

When you buy something through our retail links, we may earn commission and the retailer may receive certain auditable data for accounting purposes.

You may also like:

How recruiters handle cybersecurity threats

The importance of cybersecurity in mobile banking

5 Crucial site updates you need to make to stay ahead

Some tips for choosing a mobile credit card processor

Programming languages you should learn for robotics in 2022

protect your smartphone V1 category en 1030x175 1

8 Best practices for API testing in 2022

Can AI help reduce carbon footprint in the retail industry?

4 Steps to doing cloud migration with your applications

5 Ways to protect e-Commerce customer’s data

InterServer Web Hosting and VPS

5 Things you need to know before automating eCommerce

6 Benefits of having an international merchant account

This is why you should choose a tech career

10 Valuable tech skills in demand

Screenshot 2022 05 21 153412

Gaming PCs Made Simple with NZXT

We build custom PCs around your budget, optimized for the games you love, all protected by a 2-year warranty.

  1.     Select your chipset and budget
  2.     Pick your parts and peripherals
  3.     We build and ship your PC!

About Sweet TnT

Check Also

Shipping companies

Shipping companies: New AI Product to gauge risks launched by Bearing

Bearing has released a new AI-powered application that accurately predicts Carbon Intensity Indicator (CII) scores …

International VPN Day

International VPN Day is August 19, why does that matter?

August 19th is International VPN Day. The event was first suggested by cybersecurity company NordVPN to remind …

%d bloggers like this: