Sophos Finds Healthcare Sector Plagued by Ransomware Attacks

Sophos Finds Healthcare Sector Plagued by Ransomware Attacks

By Greg Tavarez

Ransomware attacks have surged in recent years; this has led to significant financial losses, data breaches and operational disruptions across various sectors. As of 2023, over 72% of organizations worldwide were affected by ransomware attacks, according to Statista.

That raises a question as to how malicious actors are able to successfully carry out these attacks on the majority of organizations. And one industry that is struggling to handle ransomware attacks is healthcare.

Not the government. Not business.


In fact, Sophos revealed in its “The State of Ransomware in Healthcare 2023” report that cybercriminals successfully encrypted data in nearly 75% of ransomware attacks. This is the highest rate of encryption in the past three years and a significant increase from the 61% of healthcare organizations that reported having their data encrypted last year.

Here’s how data encryption works, for those not familiar with it. In a typical ransomware attack, the malware encrypts the victim's data and demands a ransom in exchange for the decryption key. If the victim organization refuses to pay the ransom and has no backup copies of the data, the encrypted data could become inaccessible. This can be viewed as a form of data breach since the data is effectively locked away from the organization.

Here’s the troubling part. Less than one-fourth of healthcare organizations were able to disrupt a ransomware attack before the attackers encrypted their data — down from 34% in 2022, according to the report. This is the lowest rate of disruption reported by the sector over the past three years.

The percentage of organizations that successfully stop an attack before encryption is a strong indicator of security maturity,” said Chester Wisniewski, Director, Field Chief Technology Officer, Sophos. “For the healthcare sector, this number is declining, which suggests the sector is actively losing ground against cyberattackers and is increasingly unable to detect and stop an attack in progress.”

Wisniewski and the team at Sophos recommend that organizations enhance their cybersecurity defenses with a multifaceted approach. They should employ robust security tools capable of defending against common attack vectors, such as anti-ransomware and anti-exploit capabilities, to effectively mitigate threats.

Zero Trust Network Access, for example, prevents the misuse of compromised credentials, thus ensuring rigorous authentication processes and resource access limitations. There are also adaptive technologies that can automatically respond to attacks, disrupting adversaries and providing defenders with crucial response time. 24/7 threat detection, investigation and response capabilities that ensure cyberattacks are identified and addressed promptly, minimizing potential damage and data loss.

Sophos also recommends optimizing attack preparation and maintaining security hygiene. This includes regularly backing up data and keeping systems and software up to date. Maintaining an up-to-date incident response plan is essential, as it provides a structured approach for organizations to follow in the event of a security breach. Also, staying proactive in maintaining security hygiene reduces the likelihood of successful cyberattacks, as it closes potential entry points for attackers and keeps an organization's security posture strong.

“All organizations, especially those in healthcare, need to modernize their defensive approach to cybercrime, moving from being solely preventative to actively monitoring and investigating alerts 24/7 and securing outside help in the form of services like managed detection and response,” said Wisniewski.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

More Partners Look to Offer AI/ML Solutions, a Potential New Revenue Stream

By: Greg Tavarez    12/1/2023

A recent TD SYNNEX report revealed that 37% of partners have already incorporated AI/ML solutions into their offerings, and an additional 40% of partn…

Read More

Accenture Expands Footprint, Capabilities in Spain with Innotec Security Acquisition

By: Greg Tavarez    11/30/2023

Accenture expanded its capabilities and footprint in Spain, where 70% of CEOs from large organizations are concerned about their organizations' abilit…

Read More

Majority of Organizations Unprepared to Handle Targeted Cyberattack

By: Greg Tavarez    11/30/2023

The majority of CISOs and 53% of CEOs believe that their organization is unprepared to cope with a targeted cyberattack in the next 12 months, accordi…

Read More

Majority of IT Decision-Makers Opt for Service Provider Support in Cloud Migrations

By: Greg Tavarez    11/30/2023

Many IT leaders say they rely on service provider assistance for successful cloud migrations, according to a recent RapidScale study.

Read More

Alef and Frontera Collaborate and Expand Private Mobile Networks Platform Reach in Schools

By: Greg Tavarez    11/29/2023

Alef recently teamed up with Frontera Consulting Group to provide equal access to quality education, regardless of a student's economic background.

Read More