top of page
  • Admin

Relentless Ransomware Strikes Making Healthcare Orgs Queasy

Published: July 25, 2022 on our newsletter Security Fraud News & Alerts Newsletter.

Hospitals and other healthcare organizations have long been a top target for ransomware attacks. Over time, this brand of cybercrime continues to grow rapidly, with stealthy upgrades made along the way. A recent study by Sophos “2022 State of Ransomware Report” finds these attacks against healthcare organizations have surged by 94%, nearly doubling the number of attacks each year.

Bad actors favor targeting healthcare because of the critical nature of the data their systems hold. Attackers know that encrypting this data can prevent an entire hospital from functioning properly, and worse. By putting lives at risk, hackers know these organizations are a ripe target for ransom demands being paid, and quickly.

The Sophos study finds that in 2020, 34% of healthcare organizations surveyed were ransomware victims. But just one year later in 2021, the number of victims totaled 66% – nearly twice that of the year before.

As ransomware attacks against healthcare continue to surge, it’s important to remember that it’s not just the institutions that suffer. Patients, medical and support staff, healthcare devices, and much more are at risk when lifesaving information is stolen and encrypted, making it useless to those needing it most.

In addition, attackers can also turn the stolen data into a blackmail threat, a kind of double-edged attack. While having the welfare of patients at risk is an enormous liability, so is the threat of publicly exposing the highly personal data of patients, healthcare staff, C-suite execs, and organization trade secrets.

Ransom Demands: To Pay or Not to Pay

The Sophos study finds in 2021, 61% of healthcare organizations hit by ransomware paid the ransom demand; more than all other industries worldwide. With the global average of ransom payments at 46% across all business sectors, healthcare alone has a 15% higher instance of ransom payouts worldwide.

The decision to pay a healthcare ransom or not is always risky. In fact, the FBI says paying-up only encourages further attacks. There’s also no guarantee that a paid ransom will return 100% of the hijacked data, including the decryption key needed to restore it. It’s like making a deal with the devil, especially since criminals aren’t exactly known for keeping their word.

Ransom demand payments aside, recovering from a ransomware attack is where the big bills for victims are highest. Healthcare averages $1.85 million to recoup from a ransomware attack, the second highest of all industry sectors surveyed. The global average cost of ransomware recovery is $1.4 million. Enter, cyber insurance…

According to Sophos, 83% of mid-sized organizations have cyber insurance, while the healthcare sector lags with 78% insured. But as these attacks continue to grow, cyber insurance becomes more difficult to get. Baseline security measures are now necessary to get insured, with 97% of the healthcare sector saying they’ve made these improvements so they’re better candidates for cyber insurance.

In the meantime, take a few steps to secure data and avoid having to pay a ransom if at all possible.

  • Be sure to back up all the important data needed to keep patients alive and healthy and keep the organization running.

  • Anti-virus and anti-malware software installed on every computer and device where it’s possible to do so is a great line of defense against a lot of malware that makes it past the perimeter products.

  • Always keep staff and all employees updated on the latest cyber threats and how to avoid becoming a victim.

  • Keep systems patched and updated so the bad actors cannot take advantage of known, unpatched security flaws.

Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at


bottom of page