Most Hospitals Have Experienced Ransomware Attacks

By Katie Wike, contributing writer

According to a recent poll, the majority of hospitals in the US have been targeted by ransomware attacks in the last year.

A poll by Healthcare IT News and HIMSS Analytics has found more than half of healthcare organizations have been the target of ransomware attacks in the last 12 months. In fact, it’s possible that up to 75 percent have been affected by these types of cyber-attacks.

“Over half the people we polled indicated that they had some sort of ransomware attack,” said Brendan FitzGerald, HIMSS Analytics Research Director for Advisory Solutions, according to Healthcare IT News. The poll also indicated 25 percent are either unsure or have no way of knowing whether ransomware attacks were perpetrated against them or not.

“Some organizations back up data daily. But when you’re talking about an entire health system, there’s no guarantee that the data will get backed up every single day,” FitzGerald said. “Even daily backups can be hit or miss in terms of what kind of data is included, be that lab results, images, or other types.”

According to Fierce Health IT, 73 percent of the hospitals said they had a business plan in place to address a ransomware event. Another 23 percent said they did not have such a plan in place, and 3 percent said they were unsure if they did. Additionally, almost half were unsure if they could pay the ransom.

“There has been a lot of industry literature around whether or not to pay the ransom, most of it recommending not to,” FitzGerald said. “I think as a last resort there’s that potential to pay a ransom.”

“Moving forward,” FitzGerald said, “it’s going to be interesting to see how organizations respond to this.”