SECURITY
SOPHOS REVEALS RANSOMWARE HITS 75 % OF SURVEYED HEALTHCARE ORGANISATIONS
Sophos , a global leader in innovating and delivering cybersecurity as a service , today shared its sector survey report , The State of Ransomware in Healthcare 2023 , which revealed that , among those organisations surveyed , cybercriminals successfully encrypted data in nearly 75 % of ransomware attacks . This is the highest rate of encryption in the past three years and a significant increase from the 61 % of healthcare organisations that reported having their data encrypted last year .
In addition , only 24 % of healthcare organisations were able to disrupt a ransomware attack before the attackers encrypted their data – down from 34 % in 2022 ; this is the lowest rate of disruption reported by the sector over the past three years .
Additional key findings from the report include :
» In 37 % of ransomware attacks where data was successfully encrypted , data was also stolen , suggesting a rise in the ‘ double dip ’ method
» Healthcare organisations are now taking longer to recover , with 47 % recovering in a week , compared to 54 % last year
» The overall number of ransomware attacks against healthcare organisations surveyed declined from 66 % in 2022 to 60 % this year
» Compromised credentials were the number one root cause of ransomware attacks against healthcare organisations , followed by exploits
» The number of healthcare organisations surveyed that paid ransom payments declined from 61 % last year to 42 % this year . This is lower than the cross-sector average of 46 %
José Antonio Alcaraz Pérez , Head of Information Systems and Communications at Cruz Red Andalusia , said : “ In 2016 , the Red Cross Hospital of Córdoba in Spain suffered a ransomware attack that reached servers and encrypted hundreds of files , medical records and other important patient information . It was a major disruption to our operations and interfered with our ability to care for our patients . The stakes are high in ransomware attacks against healthcare organisations – and attackers know that – meaning we ’ ll always be a target . After this ransomware attack , we worked hard with Tekpyme to bolster our defences and now we have reduced our incident response time by 80 %. I think the industry is making improvements , but there is still work to do , because of the constantly changing nature of cybercrime ”.
Sophos recommends the following best practices to help defend against ransomware and other cyberattacks by strengthening defensive shields :
» Security tools such as endpoint protection with strong anti-ransomware and anti-exploit capabilities » Zero Trust Network Access » Adaptive technologies that respond automatically to attacks » 24 / 7 threat detection , investigation and response » Optimise attack preparation , including regular backups , practising data recovery etc .
» Maintain security hygiene �
www . intelligenthealth . tech 57