Ransomware attacks on healthcare firms rise 94% in 2021, but sector copes with it better: report
In 2021, 66 percent of healthcare organisations were hit by ransomware attacks, compared to 34 percent in the previous year
Ransomware attacks on the healthcare sector have increased by 94 percent among the organisations surveyed in the sector, according to a report published by Sophos, a global leader in next-generation cybersecurity.
The State of Ransomware in Healthcare 2022 report, however, also reveals a silver lining – healthcare organisations are getting better at dealing with the aftermath of ransomware attacks.
In 2021, 66 percent of healthcare organisations were hit by ransomware attacks, compared to 34 percent in the previous year.
The report also shows that 99 percent of healthcare organisations hit by ransomware got at least some of their data back after cybercriminals encrypted it during the attacks.
Additional ransomware findings for the healthcare sector include:
– Healthcare organisations had the second-highest average ransomware recovery costs with $1.85 million, taking one week on average to recover from an attack
– 67 percent of healthcare organisations think cyberattacks are more complex, based on their experience of how cyberattacks changed over the last year
– While healthcare organisations pay the ransom most often (61 percent), they’re paying the lowest average ransoms, $197,000, compared with the global average of $812,000 (across all sectors in the survey)
– Of those organisations that paid the ransom, only 2 percent got all their data back
– 61 percent of attacks resulted in encryption, 4 percent less than the global average of 65 percent
More healthcare organisations – at about 78 percent – are now opting for cyber insurance, but 93 percent of healthcare organisations with insurance coverage report finding it more difficult to get policy coverage in the last year. With ransomware being the single largest driver of insurance claims, 51 percent reported the level of cybersecurity needed to qualify is higher, putting a strain on healthcare organisations with lower budgets and fewer technical resources available.
In the light of the survey findings, Sophos experts recommend the following best practices for all organisations across all sectors:
– Install and maintain high-quality defenses across all points in the organisation’s environment. Review security controls regularly and make sure they continue to meet the organisation’s needs
– Harden the IT environment by searching for and closing key security gaps: unpatched devices, unprotected machines and open Remote Desktop Protocol ports. Extended Detection and Response (XDR) solutions are ideal for helping to close these gaps
– Make backups, and practice restoring from them so that the organisation can get back up and running as soon as possible, with minimum disruption
– Proactively hunt for threats to identify and stop adversaries before they can execute their attack – if the team lacks the time or skills to do this in-house, outsource to a Managed Detection and Response (MDR) specialist
– Prepare for the worst. Know what to do if a cyber incident occurs and keep the plan updated

The State of Ransomware in Healthcare 2022 survey polled 5,600 IT professionals, including 381 healthcare respondents, in mid-sized organisations (100-5,000 employees) across 31 countries.