Quarter of Healthcare Ransomware Victims Forced to Halt Operations

Rhea-AI Summary

Trend Micro's recent research indicates that 86% of global healthcare organizations (HCOs) compromised by ransomware experienced operational outages. Over the past three years, 57% of HCOs reported such compromises, with 25% forced to halt operations and 60% seeing some process disruptions. Recovery took days for 56% and weeks for 24% of these organizations. The study highlights supply chain vulnerabilities, with 43% noting that their partners increase attack attractiveness. Despite 95% regularly updating patches, many HCOs lack essential cyber defenses and threat intelligence sharing.

Positive

• 95% of HCOs regularly update security patches.
• 91% restrict email attachments to reduce malware risks.

Negative

• 57% of HCOs experienced ransomware attacks in the past three years.
• 25% were forced to completely halt operations after an attack.
• 60% reported sensitive data leaks, increasing compliance and reputational risks.
• 30% do not share threat intelligence with partners.
• 46% do not share information with suppliers or broader ecosystems.
• 33% fail to share information with law enforcement.
• Only 51% currently use network detection and response tools.

Trend Micro research reveals supply chains are key source of risk

DALLAS, Oct. 11, 2022 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today revealed that 86% of global healthcare organizations (HCOs) that have been compromised by ransomware suffered operational outages.

Trend Micro research reveals 86% of global healthcare organizations compromised by ransomware suffered outages.

To find out more, visit: https://www.trendmicro.com/explore/glrans

Most (57%) global HCOs admit being compromised by ransomware over the past three years, according to the study. Of these, 25% say they were forced to completely halt operations, while 60% reveal that some business processes were impacted as a result.

On average, it took most responding organisations days (56%) or weeks (24%) to fully restore these operations.

Ransomware is not only causing the healthcare sector significant operational pain. Three-fifths (60%) of responding HCOs say that sensitive data was also leaked by their attackers, potentially increasing compliance and reputational risk, as well as investigation, remediation and clean-up costs.

Respondents to the study also highlight supply chain weaknesses as a key challenge. Specifically:

• 43% say their partners have made them a more attractive target for attack
• 43% say a lack of visibility across the ransomware attack chain has made them more vulnerable
• 36% say a lack of visibility across attack surfaces has made them a bigger target

The good news is that most (95%) HCOs say they regularly update patches, while 91% restrict email attachments to mitigate malware risk. Many also use detection and response tools for their network (NDR) endpoint (EDR) and across multiple layers (XDR).

However, the study also highlights potential weaknesses, including:

• A fifth (17%) don't have any remote desktop protocol (RDP) controls in place
• Many HCOs don't share any threat intelligence with partners (30%), suppliers (46%) or their broader ecosystem (46%)
• A third (33%) don't share any information with law enforcement
• Only half or fewer HCOs currently use NDR (51%), EDR (50%) or XDR (43%)
• Worryingly few respondents are able to detect lateral movement (32%), initial access (42%) or use of tools like Mimikatz and PsExec (46%)

"In cybersecurity we often talk in abstractions about data breaches and network compromise. But in the healthcare sector, ransomware can have a potentially very real and very dangerous physical impact," said Bharat Mistry, Technical Director at Trend Micro.

"Operational outages put patient lives at risk. We can't rely on the bad guys to change their ways, so healthcare organisations need to get better at detection and response and share the appropriate intelligence with partners to secure their supply chains." 

About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.  

View original content:https://www.prnewswire.com/news-releases/quarter-of-healthcare-ransomware-victims-forced-to-halt-operations-301641047.html

SOURCE Trend Micro Incorporated

FAQ

What does the Trend Micro research reveal about healthcare organizations and ransomware?

The research shows that 86% of healthcare organizations compromised by ransomware faced operational outages.

How many healthcare organizations have experienced ransomware attacks in the last three years?

57% of global healthcare organizations reported experiencing ransomware attacks in the past three years.

What percentage of healthcare organizations had to halt operations due to ransomware?

25% of healthcare organizations reported they were forced to completely halt operations after a ransomware attack.

What are some weaknesses highlighted in the Trend Micro report regarding healthcare cybersecurity?

The report indicates that 30% of organizations do not share threat intelligence, and many lack essential threat detection tools.

How long does it typically take for healthcare organizations to recover from ransomware incidents?

Typically, it takes 56% of organizations days and 24% weeks to fully restore operations after ransomware incidents.