Ransomware has affected healthcare for decades, but organizations have become increasingly vulnerable as attackers have become brazen and more sophisticated. There's a financial and reputational impact: One health system had to settle with 126,000 patients for up to $3,000 each following a 2020 incident. And there's an operational impact: Two hospitals in Connecticut had to divert ambulances and close multiple outpatient facilities while computers were down earlier in 2023. Remediation can be costly. Not only do healthcare organizations need to get core business applications up and running again, they also need to recover lost revenue. An NCC Group analysis pegs the potential overall loss from a single ransomware attack at 30 percent of annual operating income. For one hospital St. Margaret's Health in Illinois the financial impact of a 2021 ransomware attack was enough to force the institution to close for good. "The cost is only going up," says Jon Nelso
Healthcare cybersecurity and ransomware prevention require a top-down approach that includes executive buy-in, end-user awareness and tech vendor partnerships.
One might imagine an attack on a city government and police force causing widespread and lengthy disruption would be headline news. But ransomware attacks are now so common and routine that most pass with barely a ripple of attention.