Healthcare Organisations Struggle Against Ransomware As Encryption Rates Hit A Three-Year High

A recent survey conducted by Sophos, a global leader in cybersecurity, has shed light on the escalating challenges faced by healthcare organisations in combatting ransomware attacks. The report, titled "The State of Ransomware in Healthcare 2023," reveals a concerning trend, with cybercriminals successfully encrypting data in nearly 75 per cent  of surveyed ransomware attacks. This marks the highest encryption rate in the past three years, representing a substantial increase from the 61 per cent reported in the previous year.

Of particular concern is the diminishing ability of healthcare organisations to disrupt ransomware attacks before data encryption. The survey indicates that only 24 per cent of organisations managed to thwart attacks before data encryption, showcasing the lowest rate of disruption reported by the sector in the past three years. This decline is indicative of the healthcare sector losing ground against cyber attackers, struggling to detect and halt attacks in progress.

Chester Wisniewski, Director and Field CTO at Sophos, emphasises the growing sophistication of ransomware attacks, coupled with an accelerated attack timeline. The median time from the start of a ransomware attack to detection was a mere five days, indicating the urgency for a modernised defensive approach against cyber threats.

Key findings from the report include:

• In 37 per cent of ransomware attacks where data was encrypted, data was also stolen, suggesting a rise in the “double dip” method.
• Healthcare organisations are taking longer to recover, with 47 per cent recovering in a week, compared to 54 per cent last year.
• Compromised credentials were identified as the leading root cause of ransomware attacks, followed by exploits.
• The overall number of ransomware attacks against healthcare organizations declined from 66 per cent in 2022 to 60 per cent this year.
• The number of healthcare organisations paying ransom payments decreased from 61 per cent last year to 42 per cent this year, below the cross-sector average of 46 per cent.

In response to these challenges, Sophos recommends several best practices, including strengthening defensive shields with robust security tools, implementing Zero Trust Network Access (ZTNA), adopting adaptive technologies for automatic response, and ensuring 24/7 threat detection and response.