Ransomware Attacks Remain Prevalent in Healthcare, Report Finds

Dec. 19, 2018
More than one-in-four (27 percent) North America-based health IT employees admit that their employer has experienced a ransomware cybersecurity attack within the past year, according to Kaspersky Lab’s latest report.

More than one-in-four (27 percent) North America-based health IT employees admit that their employer has experienced a ransomware cybersecurity attack within the past year, according to cybersecurity company Kaspersky Lab’s latest report, “Cyber Pulse: The State of Cybersecurity in Healthcare.”

Employees of healthcare organizations in the U.S. and Canada, who admit their awareness of a ransomware cybersecurity attack, also claim that it wasn’t a one-time occurrence—with a third (33 percent) claiming it happened more than once.

The findings from the report—which include responses from nearly 1,800 employees based in healthcare organizations, in a variety of roles, ranging from doctors and surgeons, to admin and IT staff—“uncover a continuous pattern of ransomware cybersecurity attacks plaguing organizations in the healthcare industry, while also providing insight on employee perceptions and behaviors related to cybersecurity in the workplace,” according to the authors.

Data breaches heavily targeting healthcare organizations, such as WannaCry, have brought attention to the vulnerabilities that exist in the industry, making healthcare organizations an even bigger target for cybercriminals. There have been more than 100 hacking/IT-related healthcare organization incidents affecting 500 or more individuals in the U.S. alone this year, according to the U.S. Department of Health and Human Services (HHS).

Of those healthcare employees aware of a cyberattack occurring, 85 percent of Canadians and 78 percent of Americans claim to have experienced up to five ransomware cybersecurity attacks in the past five years or more. “The research shows that the industry is not learning from its mistakes and continues to suffer. Even though the healthcare industry has its cybersecurity challenges and has lost many battles to cybercriminals, healthcare employees do care about the protection of the organization,” the report’s authors stated.

The top reason healthcare employees care about having cybersecurity measures in place at their organization is to protect patients (71 percent), according to the survey. In addition, three out of five people (60 percent) claim they care because they want to protect people and organizations they work with, and nearly a third of respondents (31 percent) say they care because they do not want to lose their job as a result of not having appropriate cybersecurity measures.

What’s more, just over a fifth of respondents (21 percent) said that they don’t think their organization would suffer a data breach in the forthcoming year and 23 percent claim they are confident in the organization’s strategy.

Sponsored Recommendations

Improving Workplace Safety and Patient Care in Behavioral Health

In 2023, Vail Health enhanced safety in their behavioral health clinic, but the impact went beyond their expectations. Read their case study to see how prioritizing workplace ...

Transforming Hospital Capacity Through Smarter Patient Progression Strategies

Helping patients move seamlessly through every stage of their care, from admission to discharge, is critical to ensuring patient safety, improving outcomes, and optimizing capacity...

Beyond the AI Buzz: How Clinicians Can Leverage AI for Value-Based Success

Watch on-demand to explore the impact of implementing AI in primary care settings to reduce burnout and thrive in value-based care. Including practical takeaways on driving clinician...

Building the Connected Hospital: Bridging Operational Gaps Through Technology

Join industry leaders to explore how advanced technologies like RFID, AI, EMR, and ERP systems are transforming hospitals into connected ecosystems that enhance efficiency, streamline...