Microsoft has found that nearly 400 U.S. healthcare organizations have fallen victim to ransomware attacks this fiscal year. These campaigns aim to breach sensitive patient data, disrupt vital operations, and put patients’ lives at risk.
In a report released earlier this week, Microsoft noted that healthcare organizations face average ransomware payments of up to $4.4 million, with downtime costs reaching $900,000 per incident. These attacks create a ripple effect by overloading nearby hospitals with displaced patients and straining resources across facilities.
“The healthcare sector faces a rapidly increasing range of cybersecurity threats, with ransomware attacks emerging as one of the most significant. A combination of valuable patient data, interconnected medical devices, and small IT/cybersecurity operations staff, which spreads resources thin, can make healthcare organizations prime targets for threat actors,” the Microsoft Threat Intelligence team explained.
Microsoft researchers analyzed the impact of ransomware attacks on four hospitals—two affected and two unaffected. They found that patient numbers rose by 15 percent while waiting room times surged by about 50 percent in impacted facilities. Additionally, confirmed strokes spiked by 113 percent, and cardiac arrest cases increased by 81 percent.
Microsoft also reported a significant drop in survival rates for out-of-hospital cardiac arrests with favorable neurological outcomes, plummeting from 40 percent before the attack to just 4.5 percent during it. Moreover, emergency medical services (EMS) arrivals at unaffected hospitals rose by 35.2 percent.
The report reveals that highly organized, specialized hacking groups are behind these ransomware attacks on the healthcare sector. These attackers use advanced tools and techniques to breach networks, encrypt data, and demand ransom payments.
Microsoft’s findings reveal that Iranian hackers have been the most active in attempting attacks on healthcare organizations. Moreover, Russia is reportedly allowing ransomware groups to operate within its borders to target U.S. infrastructure.