The State of Ransomware in Healthcare 2022

June 3, 2022

Findings from an independent, vendor-agnostic survey of 5,600 IT professionals in mid-sized organizations, including 381 healthcare respondents, across 31 countries.


Sophos’ annual study of the real-world ransomware experiences of frontline IT professionals in healthcare has revealed an ever more challenging attack environment. Together with the growing financial and operational burden ransomware places on its victims, the report also shines new light on the relationship between ransomware and cyber insurance, including the role insurance is playing in driving changes to cyber defenses.

About the survey

Sophos commissioned research agency Vanson Bourne to conduct an independent, vendor-agnostic survey of 5,600 IT professionals, including 381 healthcare respondents, in mid-sized organizations (100-5,000 employees) across 31 countries. The survey was conducted during January and February 2022, and respondents were asked to respond based on their experiences over the previous year.

Attacks are up and their complexity and impact are increasing

66% of healthcare organizations were hit by ransomware last year, up from 34% in 2020. This is a 94% increase over the course of a year, demonstrating that adversaries have become considerably more capable at executing the most significant attacks at scale. This likely also reflects the growing success of the ransomware-as-a-service model, which significantly extends the reach of ransomware by reducing the skill level required to create and deploy an attack. [Note: "hit by ransomware" was defined as one or more devices impacted by the attack but not necessarily encrypted.]

Comparing the prevalence of ransomware attacks across all sectors surveyed, the rate of attacks on healthcare was on par with the global average of 66%.

In terms of data encryption rate, healthcare, with a 61% encryption rate, performed better than the global average of 65%, indicating that healthcare was better able to stop data encryption in a ransomware attack. There was also a drop in healthcare’s encryption rate over the previous year (65% in 2020)…

Price: FREE

About the Provider

Sophos Group plc is a British security software and hardware company. Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management.

