Medical Institutions Remain One of the Most Vulnerable Sectors to Ransomware Attacks

A recent ransomware report by NordLocker shows that the health sector is still very vulnerable due to numerous ransomware attacks worldwide and a flawed security situation. Last year saw 64 ransomware attacks against medical companies. Attacks were carried out not only on large public hospitals but also against private, even one-person consultation offices.

London, United Kingdom, July 30, 2023 --(PR.com)-- Experts weigh in on why the health is sector so vulnerable.

The healthcare sector experienced 64 ransomware attacks last year alone, according to research by NordLocker.

According to recent data, the belief that ransomware attacks only target wealthy organizations is a myth. In 2022, healthcare companies with annual profits ranging from $25-50 million experienced four ransomware attacks, while medical companies with profits between $11-25 million encountered 14 attacks. Medical institutions with profits of $1-5 million were not exempt because they also suffered four attacks. It is crucial to highlight that ransomware poses a greater threat to institutions with lower profits because cyberattacks can often lead to severe financial repercussions, including bankruptcy.

Ransomware attacks target large public hospitals and small private practices alike. The report reveals that even one-person private consultation offices are not immune to these attacks. In the year prior, healthcare institutions with 1,000-5,000 employees experienced four attacks, while those with 1-11 and 11-50 employees encountered 13 attacks.

It is important to note that ransomware attacks extend beyond hospitals and healthcare facilities. Biotech companies, pharmaceutical companies, social services, medical factories, and other organizations in the healthcare sector are also susceptible to such attacks.

As usual, most attacks target American businesses — 61% of all attacks are against the US healthcare sector. Spain and Canada are the other countries most affected by ransomware attacks, with almost 8% and 4.7% of attacks retrospectively.

Why is the health sector so vulnerable?

Experts agree that there are a variety of different reasons why healthcare is such a lucrative industry for cybercriminals.

“In general, hospitals and other medical institutions are a great target due to outdated systems, and lack of choice in solution providers because not all vendors can offer solutions for the medical field. Lack of investment is another factor,” says Aivaras Vencevicius, head of product for NordLocker.

The health care sector is also particularly vulnerable because of the disastrous consequences an attack might have. A tragic example occurred in 2020 when a hospital in Germany fell victim to a ransomware attack. As a result, the hospital was forced to shut down its emergency division, leaving patients in critical condition without immediate access to life-saving care. Tragically, a patient being transferred to another hospital via ambulance during the incident passed away. This heartbreaking event underscores the urgent need for enhanced cybersecurity measures in the healthcare industry.

Institutions and companies can protect themselves

Ransomware attack methods are becoming more sophisticated and advanced every day, but typically, ransomware infects victim devices in one of three ways:

through phishing emails containing a malicious attachment

via a user clicking on a malicious link

by viewing an advertisement containing malware

The consequences of a ransomware attack can be severe, including reputational damage, financial losses, and the exposure of sensitive data. Attacks are more dangerous for medical institutions than any other company because the consequences can be fatal.

While paying the ransom may seem like a quick solution, it only encourages further attacks. However, many companies opt to pay the ransom after assessing the potential damage to their business.

“The only way to protect yourself from ransomware attacks is to make cybersecurity a priority now. Cybersecurity training, up to date software, zero-trust network access, proper file hygiene, encryption, and backups. These first steps are essential cybersecurity basics,” says Aivaras Vencevicius, head of product for NordLocker.

Methodology: Data was collected from publicly available blogs where ransomware gangs post the names of their victims and their demands. The ransomware attacks under investigation all happened during the period between 01/01/2020 to 30/04/2023.

About NordLocker
NordLocker is the world's first end-to-end file encryption tool with a private cloud. It was created by the cybersecurity experts behind NordVPN – one of the world's most advanced VPN service providers. NordLocker is available for Windows and macOS, supports all file types, offers a fast and intuitive interface, and guarantees secure sync between devices. NordLocker protects files from hacking, surveillance, and data collection. For more information: nordlocker.com.
Contact
NordVPN
Laura Tyrell
+467 9873 4591
https://nordvpn.com
ContactContact
Categories