Healthcare
organizations
in
the
U.S.
lose
an
average
of
$1.9
million
during
each
day
of
downtime
following
a
ransomware
attack,
according
to
new
research
from
software
company
Comparitech.
A
ransomware
attack
is
a
major
headache
for
any
organization,
but
the
destructive
effects
are
particularly
calamitous
for
attacks
waged
against
healthcare
organizations,
the
report
noted.
These
attacks
force
healthcare
providers
to
take
their
systems
offline,
making
it
difficult
to
provide
care
and
access
patient
data
until
the
hackers
are
paid
a
fee
or
IT
specialists
remove
the
ransomware.
It’s
no
secret
that
these
disastrous
ransomware
attacks
are
becoming
more
and
more
common
in
the
healthcare
sector.
The
report
pointed
out
that
there
have
been
654
individual
ransomware
attacks
on
medical
organizations
since
2018
—
with
143
individual
attacks
being
recorded
last
year
alone.
Last
year’s
143
ransomware
attacks
resulted
in
more
than
26.2
million
patient
records
being
exposed,
the
report
noted.
The
rate
of
ransomware
attacks
in
the
healthcare
industry
is
likely
to
increase
even
more
in
2025,
predicted
Rebecca
Moody,
Comparitech’s
head
of
data
research.
“With
the
likes
of
LockBit
revealing
its
latest
version
[last]
week
and
an
influx
in
new
ransomware
gangs
making
key
claims
this
month
(e.g.
Interlock
claiming
the
attack
on
Texas
Tech
University
Health
Sciences
Center
which
breached
nearly
1.5
million
patient
records),
ransomware
attacks
on
healthcare
organizations
remain
just
as
much
of
a
threat
as
they
have
in
recent
years
—
if
not
more
so,”
Moody
wrote
in
an
emailed
statement.
Comparitech’s
report
revealed
that
the
average
ransom
amount
demanded
during
a
healthcare
cyberattack
is
$1.18
million.
But
the
cost
of
an
attack
goes
far
beyond
just
the
ransom.
Even
if
an
organization
pays
the
ransom
fee
to
decrypt
its
systems,
it
is
“highly
likely”
the
organization
will
still
face
a
slew
of
expensive
recovery
costs,
Moody
pointed
out.
“Recovery
costs
include
those
required
to
restore
systems,
the
cost
of
specialist
teams
to
help
overcome
the
attack
(and
overtime
for
employees),
lost
revenue
due
to
downtime,
and
the
cost
of
providing
identity
theft
protection
to
people
impacted
in
a
data
breach,”
she
explained.
All
healthcare
providers
need
to
have
a
clear
plan
in
place
in
the
event
that
their
systems
are
impacted
by
a
ransomware
attack,
Moody
declared.
This
includes
establishing
an
incident
response
team,
creating
a
strong
communication
plan,
and
crafting
step-by-step
instructions
for
how
the
threat
should
be
managed
—
such
as
removing
infected
systems
from
the
network
and
how
to
recover
data
—
Moody
stated.
She
also
said
carrying
out
regular
backups
is
critical
when
it
comes
to
limiting
downtime
from
cyberattacks.
Photo:
WhataWin,
Getty
Images