The healthcare sector has been under relentless pressure due to COVID-19 and cyberattacks. Healthcare facilities collect a lot of data, which makes them a lucrative target for cybercriminals. While healthcare facilities witness ransomware attacks, it is not just the health data that is affected.
Who is impacted?
Ransomware attacks on the healthcare sector directly impact the patients. Ponemon conducted a study on 597 health delivery organizations and the statistics below are terrifying.
Around 70% of participants stated that a successful attack led to a longer stay for patients.
The same proportion of respondents stated that these attacks created delays in medical procedures, resulting in unwanted outcomes for patients in need.
According to 65% of the participants, ransomware attacks led to an increase in the number of patients being transferred to other facilities.
More than 35% stated that a ransomware attack increased complications in medical procedures.
A fifth of the respondents witnessed an increase in patient mortality rate.
Most healthcare apps vulnerable to attacks
In its new 2021 Web Application Security for Pharma and Healthcare report, Outpost24 shared that 90% of web apps used by U.S. healthcare providers are vulnerable to cyberattacks.
Eighty-five percent of the top 20 healthcare and pharma apps are critically exposed.
A total of 6,069 web apps are run by U.S. healthcare organizations over 2,197 domains, of which 23.74% are running on vulnerable components.
EU providers run 20,394 apps over 9,216 domains, of which 18.3% are running on vulnerable components.
U.S. organizations scored 40.5 in average risk exposure, while the same for EU organizations was 32.79%.
Some latest attacks on healthcare
True Health New Mexico underwent a breach in which the PII of 62,000 patients was compromised.
New York-based Huntington Hospital notified around 13,000 patients of a breach after one of its employees gained unauthorized access to medical data.
Utah Imaging Associates underwent a security breach and the attackers stole the sensitive data of 583,643 patients.
The bottom line
Healthcare authorities should recognize operational vulnerabilities and build a plan to address weaknesses in their digital infrastructure. As threat actors are running rampant, it is not only the medical data that is at risk. In some cases, even patients have allegedly lost their lives owing to ransomware attacks. The healthcare sector needs to be proactive and implement proper ransomware protection measures at the earliest.