An analysis of ransomware attacks on healthcare organizations from 2016 through October of 2023 shows the healthcare sector is likely to continue to suffer as a viable ransomware target.
In the last seven years, there have been 539 confirmed ransomware attacks on U.S. hospitals, costing a total of around $77 billion. Consumer tech comparison website Comparitech performed an analysis of these attacks to show the trends – with both positive and negative results.
According to the analysis, there’s some good news:
- The number of attacks this year (through October) is only 66. Projecting out to the end of the year (based on historical trends) puts the total number of attacks somewhere less than last year.
- The number of patient records stolen (again, through October) is a little above 7.1 million – that’s less than half of last year’s 15.1 million.
But then, there’s some really bad news too:
- The average downtime spiked this year to 18.71 days, a 19% increase from last year.
- The average ransom demand this year was $2.08 million, a massive 165% increase from last year.
So, despite a trend that seems to point out that less attacks will occur through the remainder of this year, cybercriminals are doing more damage and asking for more in return for their efforts. This all makes it clear that the focus needs to be squarely on preventing ransomware attacks.
With phishing and social engineering continuing to play a major role, the implementation of security awareness training is an established method to stop such initial attacks from ever gaining momentum.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.