Illustration: Supimol Kumying | Shutterstock
Researchers have published a study looking into the US healthcare industry’s struggles with cybersecurity, especially ransomware. The report claims that out of the 402 US healthcare organisations surveyed, 67 per cent were hit by ransomware in 2023, paying as much as $4.4 million in ransom and losing up to $900,000 in downtime. This makes healthcare one of the most lucrative targets for ransomware-as-a-service (RaaS) groups.
The report, published by Microsoft, sourced the aforementioned numbers from the State of Ransomware in Healthcare 2024 report from Sophos. Across all affected organisations, 53 percent admitted to paying ransoms in 2024, an increase from 42 percent in 2023. These cyberattacks affect more than just hospitals—they also impact smaller clinics and doctors in adjacent areas who tend to patients during emergencies.
Microsoft researchers compared the effects of ransomware attacks against four hospitals to find that they increase patient volume by 15 percent, wait room time by as much as 50 percent, the number of confirmed strokes by 113 percent, and cardiac arrest cases by up to 81 percent.
Healthcare has become one of the primary targets of ransomware groups simply because it’s seemingly the most likely to pay the ransom demanded by cybercriminals, likely to get their operations back on track as quickly as possible. Unlike a conventional company dealing with a cyberattack, healthcare organisations don’t have the luxury of time to recover from and investigate such attacks. Considering they’re dealing with life-and-death situations, healthcare organisations often pony up millions in ransom payments to avoid disruption of care and in the interest of patient healthcare data.
Most of these cyberattacks come from Russia, Iran, and China. Russia is a known safe harbour for ransomware groups and other cybercriminals targeting US infrastructure. Chinese groups also attack US healthcare organisations as a cover for government-sponsored espionage missions. Finally, Iranian groups have been the most active when it comes to attacking US healthcare organisations in 2024.
In the News: WazirX releases first Proof of Reserves after the July hack