By Jeff Wardon, Jr., Assistant Editor

The healthcare and public health sector filed 249 ransomware complaints to the Federal Bureau of Investigation (FBI) in 2023, according to a report from Econofact. The healthcare and public health sector ranked the highest for ransomware complaints. 

Ransomware is malware used in cyberattacks that encrypts a device’s files, essentially making these files unusable. Hackers then demand ransom in return for decrypting the files, according to the Cybersecurity and Infrastructure Security Agency (CISA).  

Defending against ransomware and other cyberattacks is related to maintaining proper cybersecurity, and this issue remains true for healthcare organizations. Poorer cyber defenses also lead to increased likelihood of defenses being breached.  

Related: Third Party Vendors May Put Healthcare Facilities at Risk for Cyberattacks

One contributing factor to the unequipped cyber defenses is that most healthcare organizations allocate less than six percent of their IT budgets for cybersecurity, according to figures from KnowBe4.  

Given the critical nature of the services healthcare facilities provide, successful cyberattacks can spell trouble for communities well beyond healthcare because these attacks can cause facilities to shut down services or redirect them to other providers. This issue causes a delay in care for patients, meaning their health and well-being is also impacted by cyberattacks on healthcare.  

Additionally, cyberattacks— specifically those involving ransomware— also can be costly to those affected by them. From 2016 to 2023, an estimated cost of $77.5 billion in downtime alone affected 10,000 different facilities, according to a study from Comparitech. 

Jeff Wardon, Jr. is the assistant editor for the facilities market.