ENISA: 54% of Attacks on Healthcare Providers Involve Ransomware


July 20, 2023


The European Union Agency for Cybersecurity (ENISA) published its first cyber threat landscape specifically looking at threats to the healthcare sector, finding that “ransomware accounts for 54% of cybersecurity threats in the health sector.”

Key findings in the ENISA report include:

  • Healthcare providers accounted for 53% of reported security incidents, with hospitals the target in 42% of incidents, health authorities at 14%, and pharma at 9%
  • Only 27% of organizations in the healthcare sector had a dedicated ransomware defense program
  • Patient data, including electronic health records, were targeted in 30% of incidents  
  • Attackers intended to steal or leak healthcare data in 46% of incidents
  • 80% of healthcare attacks involved exploiting vulnerabilities that resulted in 61% of security incidents

Takeaway: Unfortunately, healthcare providers are a favorite target of some of the most notorious ransomware operators, and the ENISA report highlights how these disruptive ransomware operators are intent on victimizing our fragile healthcare system.

There is no way to argue against the fact that the plague of ransomware attacks on healthcare providers poses a significant threat to human life.

Given how expensive healthcare is to obtain, the perception is that the industry must be very financially stable, but that is not the case. While some doctors and specialists may make a good living, the healthcare system in our nation is largely operated by non-profit entities who work on shoestring margins.

Ransomware attacks are the biggest threat facing organizations today, and healthcare providers have been hit particularly hard. Criminal ransomware groups know that the impact of an attack against healthcare organizations does not just disrupt everyday business; it directly affects the lives of their patients.

Ransomware operators are simply ruthless, heartless criminals with zero conscience, and they continue to victimize healthcare providers simply because they are easy targets. This sector typically lacks the appropriate budgets and staff to maintain a robust security posture despite grant money and technology donations from big companies. These organizations also lack the skilled staff required to properly manage and protect their infrastructure.

The average time it takes for an organization to recover from a ransomware attack has been pegged at three weeks (or more) according to multiple studies. While a private, profitable organization with ample resources may be able to weather a lengthy disruption to operations, patients cannot afford delays in treatment without putting their health or lives at risk.

And if a healthcare organization loses the ability to bill and be reimbursed for services rendered, it cannot sustain operations, pay for medical supplies, make regular payroll dates, and more. Ransomware attacks are extremely disruptive to any victim organization, but for healthcare providers, they can literally mean an end to their mission or worse – loss of life.

Halcyon.ai is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more.