Obrela Security has announced the results of a study of UK healthcare organisations which revealed that 81% have suffered a ransomware attack in the last year, while 38% have had to pay a ransom demand to release their data from cyber criminals.
The study was carried out in September 2021 and examined the attitudes of 100 cybersecurity managers in UK healthcare organisations. Other findings from the study revealed that 44% chose not to pay a ransom demand but lost their healthcare data as a result, while 64% of healthcare organisations have had to cancel in-person appointments because of a cyberattack on their organisation. When respondents were asked if a cyberattack on their systems could lead to the loss of lives, 65% admitted it could.
“Healthcare organisations hold some of the world’s most sensitive data and our study shows many are completely unprepared for cyberattacks. Threat actors target valuable confidential data, making healthcare a growing target and ransomware is steadily picking up pace as today’s cyber-weapon of choice. However, most organisations will not be able to identify a data leakage or a security compromise before it is too late. The security community and the UK Government should use this data as a call to action to step in and assist.
“Technology has been evolving very rapidly and it has become a critical element of modern healthcare, but it has also become a significant part of the attack landscape. What is worrisome is that healthcare technology is often deployed and used without security in mind. Therefore, security professionals must consider that the risk profiles of those organisations are now higher, given the complexity of the underlying infrastructure, as well as the fusion of previously physically and logically separated technologies. In short, we need to act now, otherwise we will witness the loss of human lives” said George Patsis, CEO of Obrela Security Industries.
The study was carried out in conjunction with the release of the Obrela Q3 Digital Universe Study, which is a quarterly roundup of the attacks targeting Obrela’s customers from the last three months. The Q3 data highlighted that there was a 30 percent increase in attacks on healthcare industry IT infrastructure when compared to Q2 2021. The data also highlighted that during the last three months healthcare organisations experienced a 36 percent increase in email security threats, a 24 percent increase in insider attacks and a 20 percent increase in perimeter breaches.
“When it comes to protecting against cyber attacks and ransomware, healthcare executives need to realise that preventing all attacks is nearly impossible. Organisations must reassess their security towards operational resilience and their ability to deliver their intended outcome against adverse cyber events. Rather than trying to buy the latest security technology, we need to understand that cybersecurity is not a product; it is a process. Therefore, we need to increase visibility of the digital cyberspace, control access, identify malicious activity and respond to security threats and vulnerabilities before they become problems.” continued Patsis.