A recent study has been conducted by Trend Micro to investigate the effect ransomware attacks are having on organizations in the health sector. Ransomware attacks continue to be a significant problem for the healthcare industry. Threat actors frequently launch ransomware attacks on organization’s critical IT systems, to restrict access to electronic medical records, postpone or cancel appointments, and create operational disruption.
Trend Micro, a cybersecurity firm, examined 145 healthcare organization’s business and IT decision-makers and compared the data to a worldwide study conducted by Sapio Research who assessed 2,958 IT security decision-makers across 26 different countries. In Trend Micro’s report, the researchers found that approximately a quarter of all data breaches are caused by ransomware. Moreover, in the period of 2017 to 2021, the number of ransomware attacks increased by over 100 percent and in 2022 so far, the number has increased by 13 percent. Additionally, approximately 57 percent of respondents stated that they had suffered a ransomware attack within the last 3 years. Study respondents have said that attacks of this nature can take a long time to recover from, with service disruptions lasting for weeks or even months thereafter. 56 percent of respondents said it took several days to recover, while 24 percent said it took two weeks to fully receive their systems.
Ransomware attacks increasingly frequently involve data theft, and if the ransom is paid, threats are made to sell or publicize the stolen material. This strategy has been so effective that some cybercriminal organizations have completely given up on ransomware and now just steal information and threaten to publish it if a ransom is not paid. According to 60% of the responding firms, the theft and exposure of sensitive data can cause reputational harm, compliance issues, and increased expenses for investigation and remediation.
With the continued increase in the number of ransomware attacks, health organizations appear to be adapting to the circumstances. According to the study, 95 percent of organizations said they are and will continue to promptly address software vulnerabilities. 91 percent of which, have developed further safeguards to prevent the delivery of malicious email attachments.
Trend Micro’s Technical Director Bharat Mistryhas asked the health sector to continue their efforts to prevent ransomware attacks. “In cybersecurity, we often talk in abstractions about data breaches and network compromise. But in the healthcare sector, ransomware can have a potentially very real and very dangerous physical impact. Operational outages put patient lives at risk. We can’t rely on the bad guys to change their ways, so healthcare organizations need to get better at detection and response and share the appropriate intelligence with partners to secure their supply chains.”