Instances of data encryption during ransomattack on healthcare cos highest in 3 yrs: Report

In 2023, the healthcare industry saw the highest rate of encryption in the past three years. According to a report by cybersecurity firm Sophos, in 75% of ransomware attacks on healthcare organisations, cybercriminals were able to successfully encrypt the data — this percentage is a significant increase from the previous year’s 61 per cent. By encrypting data, cybercriminals deny access to organisations of their own data and release only when a ransom is paid. 

Sophos’ report, for which 3,000 cybersecurity leaders in healthcare sector were surveyed, also found that only 24% of these organisations were able to disrupt a ransomware attack before their data was encrypted. This is down from 34% recorded in 2022, and also the lowest in the last three years. 

“To me, the percentage of organisations that successfully stop an attack before encryption is a strong indicator of security maturity. For the healthcare sector, however, this number is quite low — only 24 per cent. What’s more, this number is declining, which suggests the sector is actively losing ground against cyberattackers and is increasingly unable to detect and stop an attack in progress,” said Chester Wisniewski, director, field chief technology officer (CTO), Sophos.

Wisniewski added that part of the problem is the growing sophistication of the ransomware attacks. “The ransomware threat has simply become too complex for most companies to go at it alone. All organisations, especially those in healthcare, need to modernise their defensive approach to cybercrime, moving from being solely preventative to actively monitoring and investigating alerts 24/7 and securing outside help in the form of services like managed detection and response (MDR),” he said.

In related news, a December 2023 report by Sophos found that the use of remote encryption in ransomware attacks has been steadily increasing over the past decade. Several ransomware groups are deliberately activating remote encryptions for their cyber-attacks, infiltrating deeper into companies and crippling their operations, which has observed a 62% year-over-year increase in deliberate remote encryption attacks since 2022.