Sophos, a global leader in next-generation cybersecurity, reports that healthcare organisations worldwide continue to grapple with ransomware attacks and are working aggressively on data recovery.
The silver lining, however, is that healthcare organizations are getting better at dealing with the aftermath of ransomware attacks, according to the survey data. The report shows that 99% of the healthcare organizations hit by ransomware got at least some of their data back after cybercriminals encrypted it during the attacks, said John Shier, senior security expert at Sophos.
“Ransomware in the healthcare space is more nuanced than other industries in terms of both protection and recovery,” Shier said.
“The data that healthcare organizations harness is extremely sensitive and valuable, which makes it very attractive to attackers. In addition, the need for efficient and widespread access to this type of data – so that healthcare professionals can provide proper care – means that typical two-factor authentication and zero trust defense tactics aren’t always feasible. This leaves healthcare organizations particularly vulnerable, and when hit, they may opt to pay a ransom to keep pertinent, often lifesaving, patient data accessible,” he added.
Because of these unique factors, healthcare organizations need to expand their anti-ransomware defenses by combining security technology with human-led threat hunting to defend against today’s advanced attackers, Shier noted.
More healthcare organizations are now opting for cyber insurance, but 93% of those with coverage report that obtaining a policy became more difficult in the last year. With ransomware the single largest driver of insurance claims, 51% reported that the level of cybersecurity needed to qualify is now higher, putting a strain on healthcare organizations with lower budgets and fewer technical resources, Shier observed.
In its latest sectoral survey report, titled State of Ransomware in Healthcare 2022, the company found a 94% increase in ransomware attacks on the healthcare organizations surveyed: 66% were hit in 2021, compared with 34% the previous year.
The findings also indicated that healthcare organizations had the second-highest average ransomware recovery cost, at $1.85 million, and took one week on average to recover from an attack. Based on how attacks changed over the last year, 67% of healthcare organizations now think cyberattacks are more complex, the highest percentage of any sector surveyed.
While healthcare organizations pay the ransom most often (61%), they pay the lowest average ransom, $197,000, against a global average of $812,000 across all sectors in the survey. Of the organizations that paid, only 2% got all of their data back. Attacks resulted in data encryption in 61% of cases, four percentage points below the global average of 65%.
Following the findings, Sophos experts recommend best practices such as installing and maintaining high-quality defenses across all points in the organization’s environment and reviewing security controls regularly. They also advise hardening the IT environment by searching for unpatched devices, unprotected machines and open Remote Desktop Protocol (RDP) ports.
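As a concrete form of the "open RDP ports" check above, here is an added example (not code from Sophos or from the report) that tests whether hosts accept TCP connections on the RDP port. The loopback listener it uses as a target and the host list are constructed fixtures; in practice you would feed it your own inventory of externally reachable addresses, with authorization to scan them.

```python
import socket
from concurrent.futures import ThreadPoolExecutor

RDP_PORT = 3389  # default Remote Desktop Protocol port


def port_open(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port completes within timeout.

    A completed handshake is the exposure signal: an RDP service that accepts
    connections from this vantage point is reachable by an attacker from the
    same vantage point, whether or not it later rejects the login.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def find_exposed(hosts, port=RDP_PORT, timeout=1.0, workers=32):
    """Scan hosts in parallel and return the sorted list that accept TCP on port."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda h: (h, port_open(h, port, timeout)), hosts))
    return sorted(h for h, is_open in results if is_open)


def start_dummy_listener(host="127.0.0.1"):
    """Constructed fixture: bind a loopback listener on an ephemeral port so the
    scanner has something to find without touching a real RDP server."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


def reserve_closed_port(host="127.0.0.1"):
    """Constructed fixture: obtain an ephemeral port number and release it,
    so a connection attempt to it is refused."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((host, 0))
    port = s.getsockname()[1]
    s.close()
    return port


if __name__ == "__main__":
    # Stand-in for an inventory of externally reachable addresses (constructed).
    srv, open_port = start_dummy_listener()
    try:
        print("listener on", open_port, "exposed:", find_exposed(["127.0.0.1"], port=open_port))
        closed = reserve_closed_port()
        print("closed port", closed, "exposed:", find_exposed(["127.0.0.1"], port=closed))
    finally:
        srv.close()
```

Run it against the address ranges you actually own, from outside the perimeter, because a port that is closed from the office LAN can still be open on the internet-facing NAT. A connect check on 3389 only catches RDP on its default port; administrators who remap RDP to another port still need the service inventoried and placed behind a VPN or gateway, which is the page's point about unpatched and unprotected machines.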
Noting that Extended Detection and Response (XDR) solutions are ideal for helping to close these gaps, the company said it is also important to back up data so that the organization can get running again as soon as possible, with minimum disruption.