Claroty's 2023 Global Healthcare Cybersecurity Study found that 78% of surveyed healthcare professionals experienced at least one cybersecurity incident in the past year, with 60% of those having a moderate or substantial impact on care delivery and 30% having sensitive data impacted.
Also noteworthy is that more than 25% of organizations that experienced ransomware attacks paid the ransom, with more than a third reporting upwards of $1 million in recovery costs.
Meanwhile, 51% of respondents globally reported an increase in security budgets over the last year and intend to prioritize the following:
- Patching medical device vulnerabilities
- Improving asset inventory management
- Segmenting medical devices
“As healthcare organizations undergo digital transformation and technological innovation revolutionizes the industry, regulatory requirements become increasingly complex and are frequently evolving. Keeping up with standards and understanding guidelines can be challenging, but the survey shows that organizations hold these regulations in high regard and value the guidance,” the report noted.
Jan Lovmand, CTO, BullWall, had this to say:
“With 78% of healthcare operators reporting at least one cybersecurity incident in the past year, this is a full-on battle. Ransomware attacks on healthcare facilities pose a grave threat to public health and safety. These assaults not only shut down delivery of critical medical services, causing delays in essential surgeries and treatments that jeopardize patients’ lives, but they also breach the sanctity of sensitive patient data. The aftermath of such attacks can be catastrophic, leaving hospitals grappling to recover their data and regain control over their systems. Whether the ransom is surrendered or not, the toll in both financial losses and compromised patient care deals a crippling blow to these already strained institutions.”
“Hospitals and healthcare organizations have a bullseye painted on them in the eyes of cybercriminals. A heavy reliance on technology to manage a huge range of functions, from patient records to surgical equipment, provides a vast attack surface of uniquely susceptible targets. This vulnerability is further exacerbated by their meager resources allocated for bolstering cybersecurity defenses. However, with ransomware showing no sign of abating, it is imperative to invest in countermeasures that can stop these attacks without necessitating a complete shutdown of IT systems and healthcare services. A good ransomware containment defense and off-site backups are table stakes.”
Dave Ratner, CEO, HYAS, adds this comment:
“This attack further proves that no one should consider themselves safe from being targeted. We live in a world where every organization can and will be breached, and the only solution is to focus on proper operational resiliency, business resiliency, and business continuity. As part of this, visibility and observability into anomalies on the network and the early detection of the digital exhaust from a breach is critical so that an attack can be detected, mediated, and rendered inert before widespread damage ensues. CISA and the NSA don’t just recommend Protective DNS for governments and critical infrastructure — it’s increasingly clear that this is a vital component for every organization and network.”
This report paints a very scary picture. And it’s a picture that needs to change before 78% of healthcare organizations getting pwned goes to 100% of healthcare organizations getting pwned.