What You Should Know:
– Cybercriminals have been highly successful in their ransomware attacks on healthcare organizations, according to a new survey conducted by Sophos. “The State of Ransomware in Healthcare 2023, report reveals nearly 75% of the surveyed healthcare organizations reported that their data was successfully encrypted by the attackers.
– In addition, only 24% of healthcare organizations were able to disrupt a ransomware attack before the attackers encrypted their data—down from 34% in 2022; this is the lowest rate of disruption reported by the sector over the past three years.
– Ransomware remains a pressing concern for the healthcare industry. It’s essential for healthcare organizations to stay vigilant and continuously adapt their cybersecurity measures to counter evolving threats and protect patient information.
Report Key Findings
The findings underscore the critical importance of robust cybersecurity measures in healthcare organizations. With the increasing frequency and sophistication of ransomware attacks, healthcare institutions must invest in advanced security solutions and incident response strategies to protect sensitive data and maintain uninterrupted healthcare services. Additional key findings from the report include:
- In 37% of ransomware attacks where data was successfully encrypted, data was also stolen, suggesting a rise in the “double dip” method
- Healthcare organizations are now taking longer to recover, with 47% recovering in a week, compared to 54% last year
- The overall number of ransomware attacks against healthcare organizations surveyed declined from 66% in 2022 to 60% this year
- Compromised credentials were the number one root cause of ransomware attacks against healthcare organizations, followed by exploits
- The number of healthcare organizations surveyed that paid ransom payments declined from 61% last year to 42% this year. This is lower than the cross-sector average of 46%
3 Best Practices to Protect Healthcare Orgs Against Ransomware, Cyberattacks
Sophos recommends the following best practices to help defend against ransomware and other cyberattacks:
- Strengthen defensive shields with:
- Security tools that defend against the most common attack vectors, including endpoint protection with strong anti-ransomware and anti-exploit capabilities
- Zero Trust Network Access (ZTNA) to thwart the abuse of compromised credentials
- Adaptive technologies that respond automatically to attacks, disrupting adversaries and buying defenders time to respond
- 24/7 threat detection, investigation and response, whether delivered in-house or by a specialized Managed Detection and Response (MDR) provider
- Optimize attack preparation, including regularly backing up, practicing recovering data from backups and maintaining an up-to-date incident response plan
3. Maintain security hygiene, including timely patching and regularly reviewing security tool configurations