Led by University of Minnesota Public Health researchers, study Trends in Ransomware Attacks on U.S. hospitals, clinics, and other healthcare providers. Ky quantified the frequency and characteristics of ransomware attacks on the healthcare sector from 2016-2021.
WHY IT IMPORTANT
Ransomware groups often attack critical infrastructure such as energy, healthcare, and government. Additionally, the increasing frequency and severity of ransomware attacks targeting hospitals and healthcare organizations can disrupt operations and patient access. for weeks or even months.
Attack risk covers a number of issues – loss of access to critical health data, high costs to respond to and prevent cyberattacks and threats to patient safety individuals – have largely shifted their focus to protecting healthcare infrastructure.
For the study, public health researchers looked at the date of ransomware attacks, public reports, exposed personal health information, the state of encrypted data. /stolen after the attack, the type of healthcare provider affected, and the disruption to operations during an attack.
Some of the key findings are:
- Between 2016 and 2021, the annual number of ransomware attacks more than doubled from 43 to 91.
- Nearly half, or 44.4% of the group, have disrupted healthcare delivery.
- Thirty-two attacks, or 8.6% of the cohort, resulted in operational disruption for more than two weeks.
- About one-fifth (20.6%) of healthcare organizations report being able to restore data from backups.
Common disruptions include electronic system downtime, 41.7%, scheduled care cancellations, 10.2%, and ambulance diversions 4.3%.
Data exposure after an incident is a major concern for ransomware victims as hospitals and healthcare systems are required under HIPAA to protect patient data.
The cohort incidents exposed more patients’ PHI, the researchers said.
For 59 ransomware attacks (15.8%), there is evidence that ransomware attackers made some or all of the stolen PHI public, often by posting it on dark web forums where stolen data is advertised for sale by including a subset of records.” according to the JAMA summary.
The researchers noted that they noticed an increasing lag in reporting ransomware incidents during the study period with one-fifth of the attacks not appearing in the Office of Human Services database. and American Health for Civil Rights.
As a result, “many of the statistics reported in this article are likely to be underestimated due to underreporting,” they said.
The absence may be due to low PHI exposure as per HHS guidance stating that HIPAA protected entities and their business partners do not need to report incidents if they can demonstrate the possibility of PHI being compromised. low exposure.
TREND TO BIGGER
University researchers say ransomware increasingly affects large organizations with multiple facilities during the study period.
However, cybersecurity experts have said that recently, cybercriminals have learned that larger organizations are spending more on cybersecurity protections and are looking at smaller organizations with lower budgets. Smaller books, easier to exploit.
In June 2022, Sophos found that ransomware attacks against healthcare organizations doubled from 2020 to 2021 in a poll of more than 5,000 professionals. IT experts.
“Healthcare had the highest increase in the number of cyberattacks (69%) as well as the complexity of cyberattacks (67%) relative to the level of attack,” the Sophos researchers said. the interdisciplinary average is 57% and 59%, respectively.
“In terms of the impact of these cyberattacks, healthcare is the second most affected sector (59%) compared to the global average of 53%.”
ON PROFILE
“This cohort study of ransomware attacks noted an increase in their frequency and sophistication,” the researchers said in the research report.
“Ransomware attacks disrupt care delivery and jeopardize the integrity of information. Current monitoring/reporting efforts provide limited information and could be expanded to potentially provide a more complete look at how this evolving form of cybercrime is affecting healthcare delivery.”
Andrea Fox is the senior editor of Healthcare IT News.
Email: [email protected]
Healthcare IT News is a publication of HIMSS.
