77% of healthcare orgs targeted by ransomware in past year


More than three-quarters of healthcare survey respondents said their organizations were targeted by ransomware in the past 12 months, and 53% of those attacks were successful, highlighting the ongoing challenge of combatting healthcare cyberattacks.

The survey was commissioned by cybersecurity company Semperis and conducted by the market research firm Censuswide.

Censuswide surveyed 1,500 IT and security professionals across multiple industries, including healthcare. Globally, the results across all industries showed fewer reported ransomware attacks in the last 12 months compared to the year before. However, organizations across all sectors are still paying ransoms at high rates, and 55% of all respondents reported paying multiple times.

Within healthcare specifically, 40% of respondents experienced one ransomware attack, while 42% experienced two attacks. What’s more, 12% of healthcare respondents experienced multiple attacks simultaneously, and 35% had between one and six days between attacks.

Approximately 53% of healthcare respondents also reported paying ransoms. More than half of healthcare respondents paid $500,000 or less in ransom payments, but 39% paid between $500,000 and $1 million.

Despite these figures, healthcare fared better than every other sector included in the report when it came to ransom payments. For example, 75% of respondents in the IT and telecommunications sector reported paying ransoms. Additionally, 77% and 57% of respondents in finance and government reported paying ransoms, respectively.

“Paying ransoms should never be the default option. While some circumstances might leave the company in a no-choice situation, we should acknowledge that it’s a down payment on the next attack,” Semperis CEO Mickey Bresman said in the report.

“Every dollar handed to ransomware gangs fuels their criminal economy, incentivizing them to strike again. The only real way to break the ransomware scourge is to invest in resilience, creating an option to not pay ransom.”

Globally, results show that paying the ransom does not guarantee recovery: 15% of global ransomware victims who paid either received corrupted decryption keys or did not receive keys at all. Others received usable keys but later discovered that the cyberthreat actors had published their stolen data anyway.

In healthcare, 78% of respondents who experienced ransomware attacks in the past 12 months said that the attack compromised their identity infrastructure. Additionally, the incidents resulted in data breaches, brand damage and job losses.

An increased focus on cyber resilience is the key to reducing risk, Semperis suggested. A panel of experts who contributed to the report recommended preparing for changing ransomware development and deployment tactics, documenting and testing ransomware response efforts and evaluating the security of partners and supply chain vendors.

“I do believe that we can make ransomware a shocking anomaly,” said Jen Easterly, former director of the Cybersecurity and Infrastructure Agency and a contributor to the Semperis report.

“And that is the world I want to live in: a world where software vulnerabilities are so rare that they make the nightly news, not the morning meeting. A world where cyberattacks are as infrequent as plane collisions. I do believe we can get there.”

Jill McKeon has covered healthcare cybersecurity and privacy news since 2021.


