State of Healthcare Ransomware in 2022: Key Takeaways

By Medicus IT

The rise in healthcare ransomware attacks reveals the challenging landscape of healthcare cybersecurity. A recent report from Sophos sheds light on the burden ransomware places on the healthcare sector today and emphasizes the importance of solid cyber defenses.

Ransomware attacks are becoming more large-scale and advanced, making even the smallest weakness in cybersecurity a vulnerability. The serious financial impacts of ransomware attacks in 2022 serve as a reminder to tighten cybersecurity and prepare for data breaches.

How Common is Ransomware in Healthcare?

IT professionals are calling ransomware in healthcare a “digital pandemic.” Sixty-six percent of healthcare organizations were hit by ransomware attacks last year, according to Sophos’ 2022 study of 5,600 IT professionals. That is almost twice the rate in 2020, when only 34% of organizations experienced ransomware attacks.

Medicus IT infographic with pie charts illustrating how common ransomware is in healthcare

This astounding increase demonstrates attackers’ abilities to execute significant attacks at a larger scale than we’ve ever seen. The growing ransomware-as-a-service model allows for large-scale attacks by reducing the skill required to deploy an attack. 

Compared to other sectors, healthcare saw the highest increase in the volume and complexity of cyber attacks. Healthcare is a desirable target for ransomware, given the sensitive nature of health data. Healthcare facilities also tend to utilize vulnerable operating systems and lag behind other industries in terms of security controls. As ransomware in healthcare continues to grow, so does the need for vigilant security and preparation.

How Does Ransomware Impact Healthcare?

Ransomware attacks in healthcare are increasingly common because attackers realize healthcare organizations have much to lose when data is breached. Thankfully, organizations have gotten better at getting encrypted data back, with backups as the number one method. Although healthcare organizations are relying on backups, research also revealed that a staggering 61% of healthcare organizations that were attacked paid a ransom to restore data. 

It’s understandable why healthcare is the most likely sector to pay ransoms. Healthcare is heavily dependent on patient data to continue operating. Losing access to data, and the delays that ransomware causes, can also hold up patient care, which can be catastrophic in some situations. For these reasons, healthcare organizations feel they are left with no choice other than to pay the ransom.

While many healthcare organizations paid ransoms, they received an average of just 65% of their data back. Unfortunately, chances are slim that all data will be recovered following an attack. This cycle of constant data loss and payouts disrupts the business revenue of healthcare facilities and jeopardizes their operational success. 

Medicus IT percentage of healthcare organizations that paid ransom

What is the Cost of Healthcare Ransomware Attacks?

The study showed that healthcare organizations had an average ransom payment of $197,000, with the total amount of ransom payments increasing by 33% compared to 2020. The cost of healthcare ransomware attacks is increasing significantly, threatening the longevity of healthcare facilities.

After a ransomware attack comes the remediation process in which the organization must swiftly address vulnerable systems and recover from the attack's impact. Sophos found the average remediation cost of a ransomware attack on healthcare to be a whopping $1,850,000 in 2021 — a significant increase from $1,270,000 in 2020. Recovery time averaged one week, with more serious attacks taking up to a month to recover from. If operations are affected during recovery time, facilities lose the ability to provide critical patient care and experience significant revenue loss.

Medicus IT infographic what is the cost of healthcare ransomware attacks

Healthcare organizations are finding it increasingly difficult to secure cyber insurance. Due to the high rate of ransomware in the healthcare sector, insurance policies often have exceptions and exclusions that leave organizations to cover the full cost of an attack. Insurance providers are also tightening the cyber defenses they require before granting coverage. Fortunately, this is driving improvements in healthcare, as 97% of healthcare organizations with cyber insurance made changes to cyber defenses in the last year to improve their insurance position.

How Can You Protect Your Healthcare Organization from Ransomware?

The increase in ransomware attacks serves as a reminder that protecting your healthcare organization’s data should be a top priority. The challenge of securing cyber insurance also makes improving cyber defenses a critical first step. Defending your organization from ransomware begins with high-quality defenses, monitoring, and restoration planning.

Medicus IT offers the expertise your organization needs to prepare against healthcare ransomware attacks. With multilayered cybersecurity solutions, active monitoring, and always-on support, our expert team can help safeguard your organization from ransomware attacks so you can focus on day-to-day operations and patient care.

Our team at Medicus is ready to help you raise your IT defenses and help secure your organization from cyber threats. Contact us today to ensure the safety of your data.