Investigation: Most healthcare organizations affected by ransomware have had their data encrypted
In 2020, 34% of healthcare organizations around the world were affected by a ransomware attack, 65% of which said cybercriminals successfully encrypted their data in the largest attack, according to a new report.
Published by cybersecurity solutions provider Sophos, the report includes the results of a survey of 5,400 IT decision makers in 30 countries conducted in January and February. Of the 5,400 respondents, 328 worked in the health sector.
Among the 65% who said that cybercriminals were successful in encrypting their data, 34% of those surveyed admitted to paying the ransom to get their data back. The average ransom payment is around $131,304. But only around 69% of the encrypted data was restored after the ransom was paid.
The ransom payment rate may be due to the inability of healthcare facilities to restore their data from backups. Globally, only 44% of organizations were able to use backups to restore their data, according to the report.
Not only is data recovery a major challenge in the aftermath of ransomware attacks, so is cost management, with the total cost of recovery averaging $1.27 million for healthcare organizations.
Looking ahead, almost two-thirds (63%) of healthcare respondents who said they had not suffered any ransomware attacks in the past year expect to be affected in the future.
More than half of these respondents (57%) believe they will be victims of ransomware attacks because other healthcare organizations have been targeted. Additionally, 55% of those surveyed said that ransomware attacks are increasingly difficult to stop due to their sophistication and 39% said they are already experiencing an increase in attempted ransomware attacks.
Of the 79 healthcare respondents whose organizations were not affected by ransomware in the past year and who do not expect to be in the future, 65% said they had trained computer security staff capable of stopping these attacks and 54% said they had anti-ransomware technology.
Additionally, 42% said they purchased cybersecurity insurance, which will protect them against ransomware attacks in the future. But that’s a misconception because insurance can help organizations cope with the consequences of an attack, but it can’t help prevent an attack, the report’s authors wrote.
But most healthcare organizations don’t place their trust in cybersecurity insurance alone. About 89% said they have a malware incident recovery plan in place. About half (49%) have a complete and detailed plan and 40% have a partially developed plan.
“The best way to prevent a cyber attack from turning into a total breach is to prepare in advance,” the authors wrote. “Organizations that fall victim to an attack often find that they could have avoided a lot of cost, suffering and disruption if they had an incident response plan in place.”