Sophos: Ransomware Attacks on Healthcare Nearly Doubled in 2021

Sophos, a UK-based cybersecurity vendor, has published a new report pointing to a massive increase in ransomware attacks in the healthcare sector. Entitled “The State of Ransomware in Healthcare 2022,” the findings reveal a 94% increase in ransomware attacks on the organizations surveyed in this sector. In 2021, 66% of healthcare organizations were hit; 34% were hit the previous year.

According to the report, healthcare organizations had the second-highest average ransomware recovery costs with $1.85 million, taking one week on average to recover from an attack. Two-thirds of healthcare organizations think cyberattacks are more complex, based on their experience of how cyberattacks have changed over the last year. While healthcare organizations pay the ransom most often (61%), they’re paying the lowest average ransoms, $197,000, compared with the global average of $812,000 across all sectors in the survey.

“Ransomware in the healthcare space is more nuanced than other industries in terms of both protection and recovery,” said John Shier, senior security expert at Sophos. “The data that healthcare organizations harness is extremely sensitive and valuable, which makes it very attractive to attackers. In addition, the need for efficient and widespread access to this type of data – so that healthcare professionals can provide proper care – means that typical two-factor authentication and zero trust defense tactics aren’t always feasible. This leaves healthcare organizations particularly vulnerable, and when hit, they may opt to pay a ransom to keep pertinent, often lifesaving, patient data accessible. Due to these unique factors, healthcare organizations need to expand their anti-ransomware defenses by combining security technology with human-led threat hunting to defend against today’s advanced cyber attackers.”

More healthcare organizations (78%) are now opting for cyber insurance, but 93% of healthcare organizations with insurance coverage report finding it more difficult to get policy coverage in the last year. With ransomware being the single largest driver of insurance claims, 51% reported the level of cybersecurity needed to qualify is higher, putting a strain on healthcare organizations with lower budgets and fewer technical resources available.

The silver lining, however, is that healthcare organizations are getting better at dealing with the aftermath of ransomware attacks, according to the survey data. The report shows that 99% of those healthcare organizations hit by ransomware got at least some their data back after cybercriminals encrypted it during the attacks. Of those organizations that paid the ransom, only 2% got all their data back.

The State of Ransomware in Healthcare 2022 survey polled 5,600 IT professionals, including 381 healthcare respondents, in mid-sized organizations (100-5,000 employees) across 31 countries.

Channel Impact^®
The data point to a strong opportunity for channel partners to take the lead in helping health care organization build well-rounded security strategies and provide ongoing upgrades.