Hackers apparently lack honesty

Report shows that health care organizations pay ransoms, but rarely get all their data back

A report from Sophos shows that twice as many health care organizations paid ransoms to hackers in 2021 than in 2020, but only 2% of the victims received all of their data back.

Health care is a regular target of ransomware, with 66% of organizations surveyed saying they were hit with ransomware last year, up 34% from 2020. These attacks are unlikely to subside seeing as how health care targets are the most likely to pay the ransom, ranking first with 61% paying to get their data back compared to the global average of 46%. Only 34% paid the ransom in 2020.

What do these organizations get back when they pay? The survey shows not as much as they hoped. Those paying only received 65% of their data in 2021, down from 69% in 2020.

If there is any good news in the results, it’s that health care companies pay the smallest ransom amounts. Health care averaged $197,000 per ransom compared to a global average of $812,000.

But ransom money isn’t the only cost from an incident. Health care ranked second highest at $1.85 million in terms of the average cost to rectify ransomware attacks compared to the global average of $1.4 million. There is also the time factor – 44% of those hit with ransomware took a week to recover, while 25% took up to one month.

Despite the ongoing threats, health care organizations don’t always carry cyber insurance coverage, with 78% saying they have coverage, compared to a global average of 83%. Almost all (97%) of those with cyber insurance have upgraded their cyber defenses to improve their cyber insurance position. In 97% of incidents that were covered by cyber insurance, the insurer paid some or all of the costs incurred, with 47% overall covering the ransom payment.

“It is not surprising to see healthcare as the number one target of ransomware attacks,” said John Gunn, CEO, Token, in a statement. “This segment is the most regulated, has the greatest revenue and profits, and the most to lose if they don't pay the ransomware demand, all things that make them the most attractive target for hackers. What is surprising is that more companies are not upgrading their access control with better authentication, the front door is still where the majority of hackers enter, and it is the easiest to protect.”