Securing Healthcare: Paying the ransom only got 69% of the data back in healthcare

ResourcesCampaignsThreats & Malware

Use this Sophos marketing campaign to explain the many ways in which Sophos can help healthcare organizations stay secure without slowing down the delivery of vital services.

Jun 01 2021 By

The State of Ransomware in Healthcare 2021 report provides deep insight into the prevalence and impact of ransomware in the healthcare sector. The report also compares the experiences of healthcare with other industries and reveals the future expectations and readiness of healthcare organizations in the face of these attacks.

“Ineffective cyber security is a clear and present danger to patient safety … cyber incidents can significantly disrupt health and care systems and directly contribute to patient harm.”

Institute of Global Health Innovation, Imperial College London

Based on a survey of 328 healthcare IT managers in mid-sized organizations in 30 countries across the globe, the report reveals that just over a third of healthcare organizations (34%) were hit by ransomware last year, which is actually slightly below the global cross-sector average of 37%.

Attackers have a higher success rate at encrypting healthcare data

Among the healthcare organizations that were hit by ransomware, 65% said their data was encrypted – compared with the cross-sector average of 54%. Globally 39% of organizations were able to stop the attack before the data was encrypted, dropping to just 28% in healthcare. This reduced ability to stop an attack may be a reflection of the financial and resourcing challenges that the healthcare sector faces, partly due to a reluctance to divert funds to cybersecurity that could be used for frontline patient care.

Healthcare is more likely to pay the ransom and less likely to backup

Among the healthcare organizations whose data was encrypted, 34% paid the ransom compared with a cross-sector average of 32%. This may be because healthcare was less able to restore data from backups than almost all other sectors:  on average 57% of organizations used backups to get their data back,  – this came down to only 44% in healthcare, the second lowest across all sectors.

Paying the ransom only gets 69% of the data back

What attackers omit when issuing ransom demands is that even if you pay, your chances of getting all your data back are slim. 25 healthcare respondents who paid the ransom to get their data back got back, on average, just 69% of their data, leaving a considerable proportion of their data inaccessible.

Educate customers and prospects and generate demand for your business

About the Author

Puja is a Senior Marketing Manager overseeing Solutions Marketing at Sophos. With over 14 years of cybersecurity experience, she has authored a number of assets on specific industries and global regulatory compliance topics. Her role is to help customers understand the Sophos solution for their cybersecurity problems.