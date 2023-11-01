Recent research from Sophos has revealed that a staggering 75% of ransomware attacks on healthcare organizations in 2023 resulted in successful encryption of data. This marks a considerable increase from the previous year, when 61% of healthcare entities reported having their data encrypted. However, the study also found a reduced frequency of attacks, with 60% of healthcare organizations surveyed falling victim to ransomware in 2023, compared to 66% in 2022.

One notable factor contributing to the rising success rate of these attacks is the shrinking timeline of the attacks themselves. Threat actors have been accelerating their attack timelines, making it increasingly challenging for defenders to detect and prevent them in a timely manner. The researchers at Sophos have observed that the median time from the start of a ransomware attack to detection has dropped to just five days.

The report also revealed two common entry points for ransomware attacks in the healthcare sector: compromised credentials and exploited vulnerabilities. Compromised credentials accounted for 32% of attacks, while exploited vulnerabilities made up 29%.

Another alarming finding from the study is that healthcare organizations hit ransomware attacks are experiencing increased recovery times. Only 47% of organizations were able to recover within a week in 2023, compared to 54% in the previous year. Additionally, 28% took over a month to recover, indicating a significant rise from 20% in 2022. As a result, the financial costs incurred these organizations have skyrocketed, with the average cost of an incident growing from $1.85 million to $2.2 million year-over-year.

To combat ransomware attacks, Sophos recommends adopting several best practices. These include using security tools that defend against common attack vectors, implementing a zero trust architecture to prevent the misuse of compromised credentials, investing in adaptive technologies that can automatically respond to attacks, ensuring 24/7 detection and response capabilities, maintaining timely patching, and consistently practicing and updating incident response plans.

While there is some positive news, such as a decrease in organizations paying ransoms to recover data, healthcare organizations must remain vigilant in their efforts to protect patient data and critical systems from ransomware attacks.