{"id":112721,"date":"2025-03-31T07:02:40","date_gmt":"2025-03-31T15:02:40","guid":{"rendered":"https:\/\/xira.com\/p\/2025\/03\/31\/most-healthcare-providers-remain-highly-vulnerable-to-ransomware-attacks\/"},"modified":"2025-03-31T07:02:40","modified_gmt":"2025-03-31T15:02:40","slug":"most-healthcare-providers-remain-highly-vulnerable-to-ransomware-attacks","status":"publish","type":"post","link":"https:\/\/xira.com\/p\/2025\/03\/31\/most-healthcare-providers-remain-highly-vulnerable-to-ransomware-attacks\/","title":{"rendered":"Most Healthcare Providers Remain Highly Vulnerable To Ransomware Attacks"},"content":{"rendered":"

The post Most Healthcare Providers Remain Highly Vulnerable To Ransomware Attacks<\/a> appeared first on Above the Law<\/a>.<\/p>\n

About 90% of healthcare organizations are insecurely connected to the internet and running systems vulnerable to exploitation by ransomware gangs, according to research<\/a> released this week by cybersecurity firm Clarorty<\/a>.<\/p>\n

The report examined data from more than 350 healthcare organizations, finding that 78% of them have made ransomware payments of $500,000 or more.<\/p>\n

Healthcare cybersecurity incidents are often egregiously expensive because they create a wide range of costs \u2014 chief among them being the inability to provide patient care, noted Ty Greenhalgh, industry principal of healthcare at Claroty.<\/p>\n

\u201cWhen systems are locked down by ransomware or disrupted by cyberattacks, hospitals may be forced to divert patients, cancel procedures or revert to manual operations, all of which impact revenue and patient safety,\u201d he explained.<\/p>\n

Beyond service disruption, costs can build up due to things like ransomware payments, regulatory fines, class action lawsuits and the provision of identity protection services for impacted patients, Greenhalgh added.\u00a0<\/p>\n

He pointed out that even simple expenses like notification letters add up fast when thousands of people are affected. Depending on the healthcare organization and its footprint, millions of people could be affected by a single cyberattack. For instance, Change Healthcare\u2019s cyberattack<\/a> from last year exposed the data of 190 million people<\/a>, and Ascension\u2019s cyberattack<\/a> from last year impacted more than 5 million people<\/a>.<\/p>\n

\u201cFor example, at $0.15 per letter, a breach affecting 2 million patients results in a $300,000 cost just for mailing notifications. Combine this with forensic investigations, system recovery, lost revenue, and reputational damage and the total financial impact can reach millions \u2014 or even billions \u2014 of dollars,\u201d Greenhalgh explained.<\/p>\n

In his eyes, the riskiest exposure facing healthcare organizations right now is internet-facing devices that have known exploitable vulnerabilities (KEVs) linked to ransomware attacks in the wild.\u00a0<\/p>\n

KEVs refer to security flaws that have been actively exploited by cybercriminals \u2014 posing an immediate risk to systems and requiring urgent remediation.<\/p>\n

\u201cThese devices are actively communicating outside the health system, have been compromised in attacks against other organizations, and remain a prime target for cybercriminals,\u201d Greenhalgh said.<\/p>\n

The traditional cybersecurity tools and processes that healthcare providers are using to manage their IT devices are not addressing these vulnerabilities adequately, he added.<\/p>\n

Healthcare organizations often struggle to stay on top of cybersecurity best practices because of how quickly the threat landscape is evolving and how complex their operating environments are, Greenhalgh stated.<\/p>\n

\u201cHistorically, humans were the weakest link, with phishing and social engineering being the primary entry points for attackers. However, since 2024, hands-on-keyboard system exploitation has surged, making direct system hacking just as prevalent,\u201d he remarked.<\/p>\n

Cybercriminals won\u2019t stop targeting healthcare providers, so they can\u2019t completely prevent a motivated hacker from gaining access to their network, Greenhalgh noted. Instead, he said their focus should be on raising barriers to lateral movement and privilege escalation, which are key steps in ransomware attacks. These steps enable attackers to spread across a network, gain higher-level access and maximize damage by encrypting an organization\u2019s critical systems and data.<\/p>\n

But healthcare providers have a very tall task in front of them when it comes to elevating risk barriers, Greenhalgh said.<\/p>\n

\u201cThis requires strong cybersecurity basics, including device identification, communication mapping, network segmentation and vulnerability management \u2014 all of which are difficult to achieve,\u201d he declared.<\/p>\n

Photo: WhataWin, Getty Images<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

The post Most Healthcare Providers Remain Highly Vulnerable To Ransomware Attacks appeared first on Above the Law. About 90% of healthcare organizations are insecurely connected to the internet and running systems vulnerable to exploitation by ransomware gangs, according to research released this week by cybersecurity firm Clarorty. The report examined data from more than 350 […]<\/p>\n","protected":false},"author":3,"featured_media":112722,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[16],"tags":[],"class_list":["post-112721","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-above_the_law"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/xira.com\/p\/wp-content\/uploads\/2025\/03\/GettyImages-1185282377-BY6rhy.jpeg?fit=2304%2C1301&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts\/112721","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/comments?post=112721"}],"version-history":[{"count":0,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts\/112721\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/media\/112722"}],"wp:attachment":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/media?parent=112721"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/categories?post=112721"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/tags?post=112721"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}