New Delhi –– Arete, a leading global cyber risk management company, released the first report in a series of Sector Ransomware Spotlights, in collaboration with cybersecurity research firm Cyentia. The report, focused on the healthcare sector, explores the most prolific ransomware families, ransom demand and payment trends, and the most impactful controls and mitigation tactics.
The data for this research comes directly from over 1,500 ransomware events investigated by Arete, of which the healthcare sector accounted for 13 percent.
The report offers actionable takeaways for healthcare organizations as well as the cyber insurance professionals insuring these organizations. The data reveals the top ransomware variant impacting healthcare organizations changes from year to year, but what has not changed is that phishing is the most common way threat actors gain initial access to these organizations. Having multiple controls in place allows an organization to leverage the most negotiating power and is also an efficient way for insurance brokers to evaluate potential risk.
The key findings within the report reveal several important points regarding cybersecurity in healthcare organizations. Firstly, it highlights that healthcare organizations had a high likelihood, at 73.7%, of paying a ransom when targeted by ransomware attacks. This emphasizes the critical need for robust security measures. The report also indicates that less than 25% of healthcare organizations have implemented multi-factor authentication (MFA), which is a key security measure. Additionally, just over half of the organizations reported performing regular backups, indicating a gap in data protection practices. Implementing an Endpoint Detection and Response (EDR) platform was found to enhance protection and reduce the likelihood of paying a ransom. The report also emphasizes that ransomware families can evolve and change rapidly, highlighting the importance of staying updated and adapting security measures accordingly. The top technique employed by attackers was data encryption for impact. To mitigate the risk of data exfiltration, the report suggests that user training and regular data backups are essential controls to consider. Overall, the findings underscore the urgent need for healthcare organizations to prioritize cybersecurity and implement comprehensive security measures to safeguard sensitive data and prevent ransomware attacks.
“Healthcare organizations are often targets of ransomware because the presence of sensitive information, including PII and PHI, can increase the likelihood of ransom payment,” said Arete’s Chief Data Officer, Chris Martenson. “In this report, we highlighted insights to educate these organizations on ransomware trends and how to protect their data. In today’s digital-first world, it is pivotal for healthcare organizations to build cybersecurity teams in-house or collaborate with a third-party security partner to implement effective mitigation tactics and controls,” Martenson added.
