The latest report by cybersecurity firm Sophos revealed that ransomware attacks against healthcare organizations have surged globally this year.
The sector survey report, “The State of Ransomware in Healthcare 2024,” shows that 67% of healthcare institutions experienced ransomware attacks in the past year, marking a four-year high since 2021.
This rise contrasts with a declining ransomware trend in other sectors, where the overall attack rate dropped from 66% in 2023 to 59% in 2024.
Healthcare organizations have also faced longer recovery times from these cyberattacks. Only 22% of ransomware victims in the healthcare sector fully recovered within a week, down significantly from 47% in 2023 and 54% in 2022.
Furthermore, 37% of healthcare organizations took over a month to recover, highlighting the increasing severity and complexity of the attacks.
Healthcare as a prime target
Commenting on the findings of the company’s survey, Field CTO at Sophos, John Shier, said:
“While ransomware attacks are stabilizing or even declining across other industries, healthcare remains a prime target for cybercriminals.
“The sensitive nature of healthcare data and the industry’s need for constant accessibility make it particularly vulnerable. Unfortunately, many healthcare organizations are not adequately prepared to respond, leading to prolonged recovery times and severe consequences for patient care.”
- The report also revealed that the average cost of recovery from a healthcare ransomware attack has risen to $2.57 million in 2024, up from $2.2 million in 2023 and double the cost in 2021.
- In addition, over half (57%) of healthcare organizations that paid ransoms ended up paying more than the initial demand.
- It also pointed out that compromised credentials and exploited vulnerabilities each accounted for 34% of ransomware attacks, making them the top causes of breaches.
Other findings
According to the Sophos report, a staggering 95% of healthcare organizations hit by ransomware in the past year reported attempts by cybercriminals to compromise their backups during the attack.
- Also, organizations whose backups were compromised were more than twice as likely to pay the ransom to recover encrypted data, with 63% opting to pay compared to 27% whose backups remained secure.
- It added that insurance providers contributed to ransom payments in 77% of cases, with 19% of the total ransom payment funding coming directly from insurers.
To guard against attacks, Shier emphasized the importance of a proactive approach to cybersecurity in healthcare, saying:
“Healthcare organizations need to combine advanced technology with continuous monitoring to detect and respond to threats effectively. A human-led approach is crucial to staying ahead of these determined adversaries.”
What you should know
Threats of ransomware attacks have become a major headache for businesses and governments all over the world.
Just recently, the Nigerian Computer Emergency Response Team (ngCERT) announced that there has been a significant increase in attacks by a ransomware group called Phobos, targeting critical cloud service providers within Nigeria’s national cyberspace.
- According to ngCERT, the attacks primarily affect providers of information technology and telecommunication services, including managed cloud services.
- The ngCERT, however, said it was actively working with vulnerable and affected organizations to resolve incidents and prevent further escalation.
- In 2023, ransomware attacks were the most prevalent form of cyberattack globally, accounting for 70% of total hits on businesses.