Healthcare organizations are having to pay millions to solve ransomware attacks

News
By
published

Two-thirds already hit by ransomware attacks in 2024

Ransomware attack on a computer
(Image credit: Kaspersky)

Healthcare organizations continue to be attractive targets for ransomware criminals, and these attacks are not only becoming more frequent, but also more expensive, with the average costing $2.57 million to recover from - a rise from $2.2 million the previous year, new research has claimed.

A report from Sophos found over two-thirds (67%) said they had been victims of a ransomware attack in 2024, up from 60% in 2023.

The complexity and sophistication of attacks is growing too, as 80% of organizations took over a week to recover, considerably more than the 46% reported in 2022.

Vulnerable targets

The healthcare industry has long been a lucrative target for cybercriminals, since organizations tend to hold highly sensitive information and need constant access to ensure patient safety.

Attackers primarily used exploited vulnerabilities and compromised credentials to gain access to the organizations, accounting for 34% of instances each. Criminals didn’t just go after the data, in 95% of attacks, hackers also went after organizations' backup. Understandably so, since a compromised backup means the ransom is twice as likely to be paid.

“Unfortunately, cybercriminals have learned that few healthcare organizations are prepared to respond to these attacks, demonstrated by increasingly longer recovery times.” said Chief Technical Officer at Sophos, John Shier.

“These attacks can have immense ripple effects, as we’ve seen this year with major ransomware attacks impacting the healthcare industry and impacting patient care”

Without huge cybersecurity budgets and often with outdated IT systems, healthcare institutions are exposed. Research suggested as much as 50% of IT systems would fall under the ‘legacy’ category, leaving them open to vulnerabilities.

With cybercriminals becoming more successful and more destructive, Shier calls for a more proactive, ‘human-led’ approach to threat detection, calling for continuous monitoring to stay ahead of cybercriminals.

More from TechRadar Pro

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.