Following Change Healthcare’s $22 million ransom payment in March, the healthcare sector saw an unprecedented rise in ransomware attacks. Cybersecurity firm Recorded Future reported 44 healthcare-related incidents in the month that followed, marking a record high.
Ransomware groups are becoming more sophisticated and emboldened by successful payouts. Attackers exploit vulnerabilities in healthcare systems to infiltrate networks, encrypt data, and demand hefty ransoms for its release. Change Healthcare's high-profile payout has seemingly incentivized more cybercriminals to target the healthcare sector, perceiving it as a lucrative and potentially easier target compared to other industries.
Experts had warned that if Change Healthcare met the hackers’ demands, it would spur an onslaught of similar attacks by making it clear these companies would pay up. It now seems this prediction has come to fruition. There’s even speculation that the company paid a ransom twice, as one of the hacking groups involved absconded without paying its associates, who then leveraged the stolen data a second time.
Ransomware attacks on healthcare facilities have been on the rise. The industry is fragile and uniquely vulnerable, as disrupted services can mean the difference between life and death for patients. For instance, an attack on the health network Ascension, which has 140 hospitals across the US, forced it to send ambulances to other locations.
Cyberattacks on healthcare organisations can be devastating, leading to delayed medical procedures, compromised patient care, and significant financial losses. Healthcare organisations also face unique challenges in combating ransomware. The need to maintain uninterrupted access to patient data and medical systems means they are more likely to comply with ransom demands to restore operations quickly. This urgency often results in a vicious cycle, where paying ransoms encourages further attacks.