Ransomware in healthcare is literally life-threatening

The news

Last week, dozens of hospitals in the United States had to cancel surgeries and reroute ambulances due to a ransomware attack. Ransomware is malware that employs encryption to hold a victim’s information for ransom. The organization’s critical data is encrypted so that they cannot access files, databases, or applications. Read more on Ars Technica.

In 2021, 38 attacks on healthcare providers and systems have disrupted patient care at roughly 963 U.S. locations, compared to 560 sites being impacted in 80 separate incidents in 2020, according to Brett Callow, a threat analyst at security firm Emsisoft.

In May, Scripps Health hospitals were the target of a ransomware attack. It has now been revealed that this caused $106 million in losses, representing a staggering 20% of the company's total second-quarter revenue. 

Why it matters

The reports show that all healthcare organizations must take their cybersecurity even more seriously. They are, after all, one of the most critical infrastructures in our society. 

What’s more, the potential areas of attack are growing, as healthcare increasingly takes place outside the walls of hospitals. Attentive readers know the drivers behind this, including decentralized trials, telehealth, and healthcare wearables.

The bigger picture

With this in mind, it's no wonder that cybersecurity firms and founders are increasingly turning to the healthcare industry. While only a few companies (like Medigate, ClearData, and CyberMDX) are solely focused on healthcare cybersecurity, the sector is an outgrowth of IoT security, which has grown enormously in recent years, according to Crunchbase data.