Health Sector Endures Wave of Ransomware Assaults, Reaching Four-Year Peak
In a concerning development, the cybersecurity company Sophos has released its report titled "The State of Ransomware in Healthcare 2024". The report sheds light on the escalating ransomware attacks against healthcare organisations, with 67% of the surveyed institutions being impacted in the past year – a rise from 60% in 2023.
According to the report, insurance providers are heavily involved in ransom payments, contributing in 77% of cases. A significant portion of the total ransom payment funding comes from these providers, amounting to 19%.
The report also highlights the alarming trend of longer recovery times from ransomware attacks in the healthcare sector. Only 22% of ransomware victims fully recovered in a week or less, a significant drop from the 47% reported in 2023 and 54% in 2022. In addition, 37% took more than a month to recover, up from 28% in 2023.
John Shier, Sophos Field CTO, stated that ransomware attacks against healthcare organisations continue to intensify. The highly sensitive nature of healthcare information and the need for accessibility make healthcare institutions a prime target for cybercriminals.
Compromised credentials and exploited vulnerabilities were tied for the number one root cause of attack, each accounting for 34% of attacks. The report suggests that healthcare organisations must adopt a more proactive, human-led approach to threat detection and response, combining advanced technology with continuous monitoring to stay ahead of attackers.
The report explores the full victim journey of ransomware attacks on 402 healthcare organisations. It found that organisations whose backups were compromised were more than twice as likely to pay the ransom to recover encrypted data (63% vs. 27%). Moreover, 95% of healthcare organisations hit by ransomware in the past year said that cybercriminals attempted to compromise their backups during the attack.
The overall rate of ransomware attacks across sectors decreased from 66% in 2023 to 59% in 2024. However, the healthcare sector reported increasingly long recovery times, and the mean cost of recovery from a healthcare ransomware attack was USD 2.57 million in 2024, up from USD 2.2 million in 2023 and double the 2021 cost.
The report concludes by emphasising the need for healthcare organisations to prioritise cybersecurity measures to protect their sensitive data and ensure swift recovery in the event of a ransomware attack. The report was based on a survey of 5,000 cybersecurity/IT leaders across 14 countries and 15 industry sectors.