A new study from Obrela Security Industries has revealed that 76 percent of UK healthcare organisations would support the government introducing legislation to make it illegal for healthcare organisations to pay ransom demands to cybercriminals.
The study was carried out in September 2021 and examined the attitudes of 100 cybersecurity managers in UK healthcare organisations. Other findings from the study revealed that 44 percent chose not to pay a ransom demand but lost their healthcare data as a result, while 65 percent believe a cyberattack on their systems could lead to the loss of lives.
The study also revealed that 81 percent of UK healthcare organisations have suffered a ransomware attack in the last year, which resulted in 64 percent having to cancel in person medical appointments and 38 percent having pay a ransom demand to release their data from cyber criminals. Only five percent of UK healthcare organisations have successfully mitigated a ransomware attack on their systems without it having any impact or losing any data.
“Healthcare organisations hold some of the world’s most sensitive data and our study shows many are completely unprepared for cyberattacks. Threat actors target valuable confidential data, making healthcare a growing target and ransomware is steadily picking up pace as today’s cyber-weapon of choice. However, most organisations will not be able to identify a data leakage or a security compromise before it is too late. The security community and the UK Government should use this data as a call to action to step in and assist. Technology has been evolving very rapidly and it has become a critical element of modern healthcare, but it has also become a significant part of the attack landscape. What is worrisome is that healthcare technology is often deployed and used without security in mind. Therefore, security professionals must consider that the risk profiles of those organisations are now higher, given the complexity of the underlying infrastructure, as well as the fusion of previously physically and logically separated technologies. In short, we need to act now, otherwise we will witness the loss of human lives” said George Patsis, CEO of Obrela Security Industries.
The study was carried out in conjunction with the release of the Obrela Q3 Digital Universe Study, which is a quarterly roundup of the attacks targeting Obrela’s customers from the last three months. The Q3 data highlighted that there was a 30 percent increase in attacks on healthcare industry IT infrastructure when compared to Q2 2021. The data also highlighted that during the last three months healthcare organisations experienced a 36 percent increase in email security threats, a 24 percent increase in insider attacks and a 20 percent increase in perimeter breaches.