Ransomware attacks on healthcare hit four-year high, average costs reaching $2.57Mn: Sophos
OXFORD, UNITED KINGDOM — A recent survey by cybersecurity firm Sophos revealed a troubling increase in ransomware attacks targeting healthcare organizations.
According to the report, two-thirds (67%) of healthcare institutions experienced ransomware attacks over the past year, marking a four-year high.
This increase is particularly concerning as it contrasts with a general decline in ransomware incidents across other sectors, where the overall rate dropped from 66% in 2023 to 59% in 2024.
Extended recovery times for healthcare organizations
The survey also highlighted the prolonged recovery times for healthcare organizations affected by ransomware. Only 22% of victims managed to recover within a week, a significant decrease from 47% in 2023.
Furthermore, 37% took more than a month to recover, reflecting the growing complexity and severity of these cyberattacks.
John Shier, field CTO at Sophos, said, “The highly sensitive nature of healthcare information and need for accessibility will always place a bullseye on the healthcare industry from cybercriminals.”
“These attacks can have immense ripple effects, as we’ve seen this year with major ransomware attacks impacting the healthcare industry and impacting patient care,” he added.
Rising costs and backup compromises
Financially, the impact of these attacks is escalating. The average recovery cost for healthcare organizations hit by ransomware reached $2.57 million in 2024, up from $2.2 million the previous year.
Additionally, attackers targeted backups in 95% of cases, with compromised backups leading to more than double the likelihood of ransom payments.
Sophos’ report identified compromised credentials and exploited vulnerabilities as the primary causes of these attacks, each accounting for 34% of incidents. Insurance providers play a significant role in ransom payments, contributing to 77% of cases.
Urgent need for proactive defense strategies
To address these persistent threats, Shier emphasized the importance of adopting proactive defense measures.
“Healthcare organizations must adopt a more proactive, human-led approach to threat detection and response, combining advanced technology with continuous monitoring to stay ahead of attackers,” he stated.
Sophos’ findings are part of a broader survey involving 5,000 cybersecurity and IT leaders across various sectors and countries. As ransomware continues to pose significant challenges to the healthcare industry, it is crucial for institutions to enhance their cybersecurity measures to protect sensitive patient data and ensure uninterrupted care services.