The State of Ransomware in Healthcare 2021 report provides deep insight into the prevalence and impact of ransomware in the healthcare sector. The report also compares the experiences of healthcare with other industries and reveals the future expectations and readiness of healthcare organizations in the face of these attacks.
Based on a survey of 328 healthcare IT managers in mid-sized organizations in 30 countries across the globe, the report reveals that just over a third of healthcare organizations (34%) were hit by ransomware last year, which is actually slightly below the global cross-sector average of 37%.
Attackers have a higher success rate at encrypting healthcare data
Among the healthcare organizations that were hit by ransomware, 65% said their data was encrypted – compared with the cross-sector average of 54%. Globally 39% of organizations were able to stop the attack before the data was encrypted, dropping to just 28% in healthcare. This reduced ability to stop an attack may be a reflection of the financial and resourcing challenges that the healthcare sector faces, partly due to a reluctance to divert funds to cybersecurity that could be used for frontline patient care.
Healthcare is more likely to pay the ransom and less likely to backup
Among the healthcare organizations whose data was encrypted, 34% paid the ransom compared with a cross-sector average of 32%. This may be because healthcare was less able to restore data from backups than almost all other sectors: on average 57% of organizations used backups to get their data back, – this came down to only 44% in healthcare, the second lowest across all sectors.
Paying the ransom only gets 69% of the data back
What attackers omit when issuing ransom demands is that even if you pay, your chances of getting all your data back are slim. 25 healthcare respondents who paid the ransom to get their data back got back, on average, just 69% of their data, leaving a considerable proportion of their data inaccessible.
Get the full survey findings
Read the State of Ransomware in Healthcare 2021 to get the full findings from the survey. It includes best practice advice from Sophos defenders to help you stay safe from ransomware.
The State of Ransomware in Healthcare 2021 survey was conducted by Vanson Bourne, an independent specialist in market research, in January and February 2021. The survey interviewed 5,400 IT decision makers in 30 countries, including 328 respondents from healthcare that came from all geographic regions surveyed: the Americas, Europe, the Middle East, Africa, and Asia Pacific. All respondents were from organizations with between 100 and 5,000 employees.