New Delhi: The rate of ransomware attacks against healthcare units has reached a four-year high (67%) in 2024 since 2021, revealed the latest ‘The State of Ransomware in Healthcare 2024‘ sector survey report by Sophos – the global security solutions provider.
Ransomware attacks impacted two-thirds (67%) of these survey healthcare organisations in 2024 compared to 60% in 2023. The rising rate of ransomware attacks against healthcare institutions contrasts with the declining rate of ransomware attacks across sectors; the overall rate of ransomware attacks fell from 66% in 2023 to 59% in 2024, the report stated.
Alongside an increase in the rate of ransomware attacks, the healthcare sector reported increasingly longer recovery times. Only 22% of ransomware victims fully recovered in a week or less, a considerable drop from the 47% reported in 2023 and 54% in 2022. In addition, 37% took more than a month to recover, up from 28% in 2023, reflecting the increased severity and complexity of attacks.
“While we’ve seen the rate of ransomware attacks reach a kind of “homeostasis” or even declining across industries, attacks against healthcare organisations continue to intensify, both in number and scope. The highly sensitive nature of healthcare information and the need for accessibility will always place a bullseye on the healthcare industry from cybercriminals,” said John Shier, Field CTO of Sophos.
“Unfortunately, cybercriminals have learned that few healthcare organisations are prepared to respond to these attacks, demonstrated by increasingly longer recovery times. These attacks can have immense ripple effects, as we’ve seen this year with major ransomware attacks impacting the healthcare industry and impacting patient care,” added Shier.
“To combat these determined adversaries, healthcare organisations must adopt a more proactive, human-led approach to threat detection and response, combining advanced technology with continuous monitoring to stay ahead of attackers,” recommended Shier.
Additional findings from the report include:
· Ransom Recovery Costs Surge: The mean cost of recovery in a healthcare ransomware attack was $2.57 million in 2024, up from $2.2 million in 2023 and double the 2021 cost
· Ransom Demands vs Payments: 57% of healthcare institutions that paid the ransom ended up paying more than the original demand
· Root Cause of Attack: Compromised credentials and exploited vulnerabilities were tied for the number one root cause of attack, each accounting for 34% of attacks
· Backups Targeted: 95% of healthcare units hit by ransomware in the past year said that cybercriminals attempted to compromise their backups during the attack.
· Increased Pressure: Organisations whose backups were compromised were more than twice as likely to pay the ransom to recover encrypted data (63% vs. 27%)
· Who Pays the Ransom: Insurance providers are heavily involved in ransom payments, contributing in 77% of cases. 19% of total ransom payment funding comes from insurance providers