Cybercriminals remain a major threat in the healthcare sector — with the vast majority of healthcare organizations reporting spotting a cyberattack and suffering financial consequences as a result in the past 12 months, according to recent research.
A report released this month by cybersecurity firm Netwrix showed that 84% of healthcare organizations had faced a cyberattack within the past year. The research is based on a survey of more than 1,300 IT and security professionals across various industries.
The report also found that nearly 70% of healthcare organizations were forced to deal with financial damages as a result of their cyberattack.
Additionally, 21% of organizations reported a change in leadership as a consequence of an attack, and 19% reported being hit with lawsuits — and both of these rates were higher compared to other sectors that were surveyed.
Phishing was the most common attack method used in healthcare cyberattacks, which was in alignment with other industries.
“Healthcare workers regularly communicate with many people they do not know — patients, laboratory assistants, external auditors and more — so properly vetting every message is a huge burden. Plus, they do not realize how critical it is to be cautious, since security awareness training often takes a back seat to the urgent work of taking care of patients. Combined, these factors can lead to a higher rate of security incidents,” Dirk Schrader, Netwrix’s field CISO and vice president of security research, said in a statement.
The increasing severity of cyberattacks in the healthcare sector was further underscored this month by research released by cybersecurity vendor Black Kite.
The company’s report showed that certain ransomware gangs are disproportionately targeting organizations in the healthcare industry. Leading the charge are ransomware groups Everest, Monti and INC Ransom — roughly quarter of their victims are in the healthcare sector, according to Black Kite’s research.
Cybercriminals’ war on healthcare data shows no signs of slowing down, either. The report revealed that overall cyberattacks on healthcare organizations rose by 32% year-over-year.
“The fallout from Change Healthcare fundamentally altered how ransomware groups operate, making healthcare organizations prime targets,” said Ferhat Dikbiyik, Black Kite’s chief research and intelligence officer, said in a statement. “Threat actors have refined their tactics to maximize efficiency, evade law enforcement, and increase their chances of securing ransoms. These shifts in both tactics and target criteria have made ransomware attacks more frequent, unpredictable, and strategically devastating, especially in the healthcare industry.”
