Report: 1/3 of Healthcare Orgs Fell Victim to Ransomware Attack in Last Year

June 25, 2021
A cross-industry analysis finds that healthcare actually fared slightly better than the global average across all sectors

Another report points to the troubling trend of ransomware incidents in healthcare, with this latest research finding that more than a third of responding organizations (34 percent) were hit with such an attack in the past year.

The report, from IT security company Sophos, explores the prevalence of ransomware in healthcare, its impact on victims, the cost to remediate ransomware attacks, and the proportion of data victims were able to recover after they paid the ransom. The survey also reveals how healthcare stacks up against other sectors, as well as the future expectations and readiness of healthcare organizations in the face of these attacks.

For the research, Sophos commissioned independent research house Vanson Bourne to survey 5,400 IT decision makers across 30 countries. The survey was conducted in January and February 2021, and respondents came from a wide range of sectors. Of the 5,400 respondents, 328 were from the healthcare sector, and they came from all geographic regions surveyed: the Americas, Europe, the Middle East, Africa, and Asia Pacific.

Key survey findings related to the healthcare sector include:

  • 34 percent of healthcare organizations were hit by ransomware in the last year.
  • 65 percent that were hit by ransomware in the last year said the cybercriminals succeeded in encrypting their data in the most significant attack.
  • 44 percent of those whose data was encrypted used backups to restore data.
  • 34 percent of those whose data was encrypted paid the ransom to get their data back in the most significant ransomware attack.
  • However, on average, only 69 percent of the encrypted data was restored after the ransom was paid (the surveyors noted that this question generated a low response rate).
  • 89 percent of healthcare organizations have a malware incident recovery plan.
  • The average bill for rectifying a ransomware attack, considering downtime, people time, device cost, network cost, lost opportunity, ransom paid, etc., was U.S. $1.27 million. Although this is a huge sum, it’s also the lowest among all sectors surveyed.

What’s more, among the organizations not hit last year, 41 percent said they expected to be hit by ransomware in the future, while 24 percent were confident that they are safe from future attacks.

Interestingly, with just a little over a third of healthcare organizations reporting being hit by ransomware, healthcare actually fared slightly better than the global average across all sectors, which came in at 37 percent. Retail and education sectors experienced the highest number of ransomware attacks with 44 percent of respondents reporting being hit.

According to the surveyors, “the over-representation [of healthcare attacks] in the news reports is likely due to healthcare organizations’ obligations to make public an attack, where many commercial organizations are able to keep the bad news private.” Thus, they believe, “it’s perhaps a welcome surprise that this sector experiences below average numbers of attack.”

The research also revealed that when compared with other sectors globally, attackers have a much higher success rate in encrypting healthcare data (65 percent) than the global average (54 percent). Healthcare organizations also fall behind the global average in their success rate at stopping attacks before the data could be encrypted: 28 percent vs. 39 percent.

Meanwhile, healthcare is one of the sectors most likely to pay the ransom, with 34 percent of respondents whose data was encrypted admitting to paying the ransom compared with a cross-sector average of 32 percent. This may be due to the pressures on healthcare teams to ensure continuity of service, the researchers offered. Among the healthcare respondents whose data was encrypted by cybercriminals after a ransomware attack, 93 percent got their data back. Of this cohort, just over a third (34 percent) paid the ransom to get the data back, while 44 percent restored the data using backups, and 15 percent used other means to get their data back.

To that end, a separate recent analysis from security company Comparitech found that, based on an average ransom demand of $169,446 in 2020, hackers demanded an estimated $15.6 million in ransoms in ransomware attacks last year. Hackers ended up receiving at least $2,112,744 in ransom payments, not counting other undisclosed amounts.

The Sophos research revealed that of the 357 respondents across sectors who reported that their organization paid the ransom, 282 also shared the exact amount paid, including 23 in healthcare.

In the end, the data helps validate what authorities often say: paying the ransom doesn’t always pay off. What attackers omit when issuing ransom demands is that even if the entity pays, the chances of getting all their data back are slim. On average, organizations that paid the ransom got back just 65 percent of their data, leaving over a third inaccessible.

The survey also showed that healthcare’s high rate of ransom payment may be due to the inability of organizations in this sector to restore their data from backups. Globally, 57 percent of organizations whose data was encrypted were able to restore their data from backups. This drops, however, to just 44 percent in healthcare – the second lowest rate of all industries surveyed, only ahead of local government.
