The number of healthcare providers affected by ransomware attacks is steadily growing.
More than two-thirds of healthcare providers reported a ransomware attack in the past year compared with 60% in 2023, according to a survey released Thursday from cybersecurity company Sophos. In 2021, only 34% of providers said they were affected by an attack.
The survey is the latest sign the industry's hacking problem is a crisis. Healthcare cybersecurity leaders remain on edge following a string of massive breaches in the industry such as the ones affecting Ascension Health and Change Healthcare. Last Friday, the Centers for Medicare and Medicaid Services announced it has developed a five-pronged plan geared toward reducing data breaches and ensuring accountability among healthcare organizations.
For the survey, Sophos polled 402 cybersecurity leaders at healthcare organizations. The majority of attacks occurred through vulnerabilities or compromised credentials, according to respondents.
Nearly all healthcare organizations hit by a ransomware attack said the cybercriminals also attempted to access their backup systems, according to the survey. These backup systems allow providers to bring their systems back online, and it's critical to keep them secure, said John Shier, Sophos' field chief technology officer for threat intelligence.
“The ransom demand for those organizations that had their backups compromised was three times higher,” Shier said. “As a cybercriminal, if you compromise the backups, you now have taken away potentially a very easy way of recovering [files].”
Sophos found 66% of healthcare organizations had hackers access their backups, which was among the highest rates in any industry.
Shier said there are signs that healthcare organizations will continue to face more attacks.
“The sheer fact that we're seeing a lot of healthcare organizations getting hit means that there are probably fewer rules from cybercriminals around who you can attack,” Shier said. “The gloves have come off when it comes to a lot of the ransomware gangs.”