According to a new Sophos report, State of Ransomware in Healthcare 2022, twice as many healthcare organizations paid the ransom in 2021 as in 2020. Though they paid the ransom, only 2% got all of their data back. Interviews with 381 IT enterprises in 31 countries revealed the following:
- Ransomware attacks on healthcare almost doubled – 66% of healthcare organizations surveyed were hit by ransomware in 2021, up from 34% in 2020
- Healthcare is most likely to pay the ransom, ranking first with 61% of organizations paying the ransom to get encrypted data back, compared with the global average of 46%; this is almost double the 34% who paid the ransom in 2020
- Healthcare pays the least ransom amount – US$197K was the ransom amount paid by healthcare in 2021 compared with the global average of US$812K
- Less data is recovered after paying the ransom – healthcare organizations that paid the ransom got back only 65% of their data in 2021, down from 69% in 2020; furthermore, only 2% of those that paid the ransom in 2021 got ALL their data back, down from 8% in 2020
- High incident cost – healthcare ranked second highest at US$1.85M in terms of the average cost to rectify ransomware attacks compared with the global average of US$1.40M
- Long recovery time from ransomware attacks – 44% of healthcare organizations that suffered an attack in the last year took up to a week to recover from the most significant attack, whereas 25% of them took up to one month
- Low cyber insurance coverage in healthcare – only 78% of healthcare organizations have cyber insurance coverage compared with the global average of 83%
- Cyber insurance driving better cyber defenses – 97% of healthcare organizations with cyber insurance have upgraded their cyber defenses to improve their cyber insurance position
- Cyber insurance almost always pays out – in 97% of incidents where the healthcare organization had cyber insurance that covered ransomware, the insurer paid some or all of the costs incurred (with 47% overall covering the ransom payment)

The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.