The 2022 State of Ransomware Report released by cybersecurity company Sophos showed that ransomware attacks targeting healthcare companies grew by 94% year over year. The report based its data on an international survey involving 5,600 IT experts as well as interviews with 381 healthcare IT specialists from 31 nations. The report this year discussed the immediately growing connection between ransomware and cyber insurance coverage in the healthcare industry.
66% of surveyed healthcare providers mentioned they had suffered a ransomware attack in 2021, greater than the 34% in 2020 and the number of attacks grew by 69%, which was the largest of all sectors. Healthcare experienced the second-biggest increase (59%) in the impact of ransomware attacks.
As per the report, the number of healthcare companies that gave ransom payments increased twofold year over year. In 2021, 61% of healthcare providers that experienced a ransomware attack paid the ransom. This percentage is the highest of any industry market. The global average was 46%, which is more or less double the percentage in 2020last year
Ransom payment may enable healthcare companies to recover from ransomware attacks quicker, nevertheless, ransom payment doesn’t ensure that there won’t be any loss of data. Typically, after giving the ransom payment, healthcare providers could only get back 65% of encrypted information, it was 69% in 2020. 8% of healthcare companies got back all of their information after paying the ransom in 2020, it’s only 2% in 2021.
Although the healthcare sector had the largest percentage of affected companies making ransom payments for the decryption keys and to avert the publishing of sensitive files, healthcare had the least average ransom amount of $197,000. The global average throughout all industry segments was $812,000. The cost of ransom was smaller in healthcare, yet the general cost of recovery was the second-largest, having a total cost of $1.85 million for each ransomware attack, which is significantly bigger than the worldwide average of $1.4 million.
Though there is a great risk of experiencing an expensive ransomware attack, there are rather low levels of cyber insurance plans in medical care. Through all industries, 83% of companies possessed cyber insurance policies. Only 78% of surveyed healthcare providers stated they acquired a cyber insurance plan. Lots of cyber insurance companies say that certain standard security procedures should be put in place to take out insurance policies, and the stage of readiness of cybersecurity systems could have a great effect on the cost of insurance plans. 97% of healthcare providers claimed they had enhanced their cybersecurity protection to boost their cyber insurance position.
97% of healthcare companies that got cyber insurance covering ransomware attacks mentioned the policy reimbursed, with 47% revealing that the whole ransom amount was paid for by their cyber insurance company; nevertheless, acquiring cyber insurance to pay for ransomware attacks is becoming significantly tougher as a result of the degree to which the healthcare sector is being attacked.