Sophos is a global leader in innovation and delivery of cybersicurezza as-a-service. It presented the results of its vertical report “The State of Ransomware in Healthcare 2023”, from which it is clear how hacker attacks were able to successfully encrypt data belonging to 75% of the organizations interviewed for this study. This proportion is the highest in the last three years and marks a marked increase compared to the 61% recorded in the healthcare sector last year.
The data emerged from hacker attacks against healthcare
Another important fact indicates that only 24% of healthcare workers (versus 34% in 2022) was able to neutralize ransomware attacks before they could encrypt information: this is the lowest percentage detected in the sector in the last three years.
The results of the report
Other findings of the report include:
- In 37% of successful ransomware attacks encrypt data, these were also subtracted, indicating a growth in double extortion cases
- Healthcare workers are taking longer to get back to normal: only 47% managed to do so within a week, compared to 54% last year
- The overall number of ransomware attacks against healthcare workers surveyed is dropped from 66% in 2022 to 60% this year
- The compromise of credentials it is the leading cause of ransomware attacks against healthcare organizations, followed by exploits
- The number of healthcare workers surveyed who paid a ransom fell from 61% last year to 42% this year, lower than the previous year. 46% average calculated across all the various sectors.
Sophos advice against hacker attacks
Per defend oneself from ransomware and related cyberattacks, Sophos recommends the following best practices:
- Further strengthen your shields with: Security tools that protect against the most common attack vectors, such as endpoint protection with robust anti-exploit capabilities to prevent vulnerability abuse, and Zero Trust Network Access (ZTNA) to prevent the use of compromised credentials. Adaptive technologies that automatically react to attacks by neutralizing opponents and leaving time for defenders to respond. Threat detection, analysis and management activities on a 24/7 basis, whether carried out internally or in collaboration with a specialized MDR (Managed Detection and Response) service provider.
- Optimize attack preparedness by running regular backups, testing restores from backups, and maintaining an updated incident response plan.
- Maintain good security hygiene including timely patches and regular checks of security tool configurations.
To create the report The State of Ransomware 2023 3,000 IT and cybersecurity managers from organizations with 100 to 5,000 employees, including 233 in the healthcare sector, were interviewed in 14 countries across the Americas, EMEA and Asia Pacific.