Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Ellen Jennings-Trace

Healthcare organizations are having to pay millions to solve ransomware attacks

Ransomware attack on a computer.

Healthcare organizations continue to be attractive targets for ransomware criminals, and these attacks are not only becoming more frequent, but also more expensive, with the average costing $2.57 million to recover from - a rise from $2.2 million the previous year, new research has claimed.

A report from Sophos found over two-thirds (67%) said they had been victims of a ransomware attack in 2024, up from 60% in 2023.

The complexity and sophistication of attacks is growing too, as 80% of organizations took over a week to recover, considerably more than the 46% reported in 2022.

Vulnerable targets

The healthcare industry has long been a lucrative target for cybercriminals, since organizations tend to hold highly sensitive information and need constant access to ensure patient safety.

Attackers primarily used exploited vulnerabilities and compromised credentials to gain access to the organizations, accounting for 34% of instances each. Criminals didn’t just go after the data, in 95% of attacks, hackers also went after organizations' backup. Understandably so, since a compromised backup means the ransom is twice as likely to be paid.

“Unfortunately, cybercriminals have learned that few healthcare organizations are prepared to respond to these attacks, demonstrated by increasingly longer recovery times.” said Chief Technical Officer at Sophos, John Shier.

“These attacks can have immense ripple effects, as we’ve seen this year with major ransomware attacks impacting the healthcare industry and impacting patient care”

Without huge cybersecurity budgets and often with outdated IT systems, healthcare institutions are exposed. Research suggested as much as 50% of IT systems would fall under the ‘legacy’ category, leaving them open to vulnerabilities.

With cybercriminals becoming more successful and more destructive, Shier calls for a more proactive, ‘human-led’ approach to threat detection, calling for continuous monitoring to stay ahead of cybercriminals.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.