By Jeff Wardon, Jr., Assistant Editor

A recent study conducted by Comparitech found that there have been 539 confirmed ransomware attacks on U.S. healthcare organizations since 2016. The attacks have affected more than 52 million patient records and impacted 10,000 different facilities, estimating a cost of $77.5 billion in just downtime alone.  

According to the study, these were the other key findings: 

• Ransomware amounts varied from $1,600 to $10 million 
• Downtime varied from minimal disruption  to months upon months of recovery time 
• On average medical organizations lost nearly 14 days to downtime, with each year varying from 2.6 days in 2018 to 18.71 days in 2023. 
• Hackers demanded more than $39 million across 34 attacks and received payment in 31 out of 160 cases where the medical organizations disclosed whether or not they paid the ransom. They are more likely to disclose that they haven’t paid the ransom than if they have 

Cyberattacks do more than just breach an organization’s systems, it can outright cripple them. As evidenced by the study, these attacks can bring down entire systems and keep them inoperable for a long period of time.  

In addition, these attacks are costly to a healthcare facility both from a financial and a timely perspective.  

Even without the $77.5 billion estimated to have been lost, the ransoms demanded from hacker groups can be very high. As mentioned in the key findings, ransomware amounts topped out at $10 million. Paying the ransom is not recommended according to Cybereason, as paying can embolden hackers, lead to fines or recovering corrupted files even if paid off.  

The overall downtime totaled to 6,347 days, or in other terms, almost 17 and a half years. With that amount of downtime, critical services such as patient care may not be able to be provided. Down healthcare facilities would have to redirect or divert patients to other unaffected facilities, causing a delay in care. 

To prevent these cyberattacks from happening, the Cybersecurity & Infrastructure Security Agency (CISA) recommends: 

• Turning on Multifactor Authentication (MFA): Opt into this extra step with trusted websites and apps when they ask for verification. 
• Update Your Software or Turn on Automatic Updates: With outdated software, it becomes easier for hackers to find exploits and gain a foothold in an organization’s systems. Updating software will implement the latest fixes and patch out potential exploits. 
• Think Before You Click: If a link looks suspicious, do not click on it. Even if it looks legitimate, exercise caution and verify that it is the person or entity they are claiming to be. Clicking on these suspicious links and the like can open vectors for attack from hackers. 
• Use Strong Passwords: Create passwords that are at least 15 characters long, that are unique (never used anywhere else) and randomly generated. 

Jeff Wardon, Jr. is the assistant editor for the facility market.