Healthcare Ransomware a Factor in 42 Deaths over 5 Years

Ransomware attacks targeted at healthcare organizations have outsized -- and sometimes devastating -- effects.

A new report from zero trust security specialist Rubrik titled "The State of Data Security: Measuring Your Data's Risk" focuses on trends in cloud, ransomware and healthcare. Unfortunately, the last two are closely intertwined.

Given the healthcare sector's disproportionate amount of sensitive data, the effects of cyberattacks in this market are particularly high-stakes, observed Rubrik:

  • Ransomware attacks against observed healthcare organizations have an estimated impact of almost five times more sensitive data than the global average.
  • This equates to an estimated 20 percent of a typical healthcare organization's total sensitive data holdings impacted every time there is a successful ransomware encryption event, compared to 6 percent for an average organization.
  • Virtualization really matters for healthcare and ransomware: 97 percent of all encrypted data in Rubrik observed healthcare organizations last year occurred within virtualized architecture compared to 83 percent across all industries.

Moreover, in the healthcare field, ransomware can literally be a life or death concern, with the report displaying a graphic illustrating how ransomware fallout directly contributed to at least 42 deaths in the United States between 2016 and 2021:

Ransomware fallout infographic
[Click on image for larger view.]

As far as the other key topics of the report, the cloud and ransomware in general, an April 30 news release summarized the findings:

  • As Cloud Becomes More Widely Adopted, New Security Blind Spots Emerge:

    The report said: "The existence of commercially available clouds can now be measured in decades. Yet, confusion about cloud data security remains. The cloud is targeted with more frequency -- and more success -- than its on-premises counterparts. It also contains blind spots making it difficult to defend."

    Data points include:

    • Organizations are becoming more dependent on the cloud. In 2023, Rubrik observed that cloud architecture stored 13 percent of an organization's data, compared to 9 percent in 2022. Comparatively, on-premises declined from 77 percent in 2022 to 70 percent in 2023.
    • Of the external organizations victimized in a cyberattack in 2023, many were attacked across multiple aspects of their hybrid environment with 67 percent of attacks impacting SaaS data, 66 percent for the cloud, and 51 percent for on-premises locations.
    • The cloud comes with inherent risk based on security blind spots and vulnerable sensitive data, according to Rubrik Telemetry:
      • Blind spot #1: 70 percent of all data in a typical cloud instance is object storage, which typically has a far lower security coverage compared to other areas.
      • Blind spot #2: 88 percent of all data in object storage is not confirmed as machine readable or covered by prominent security technologies and services.
      • Blind spot #3: More than 25 percent of object storage data is subject to regulatory or legal requirements, such as protected health information (PHI) and personally identifiable information (PII).

  • Ransomware Continues to Wreak Havoc across Organizations -- and IT and Security Teams:

    The report said: "With few exceptions, healthcare organizations produce and store more sensitive data and are subject to more regulatory scrutiny than other industries. A fringe benefit of the regulatory pressures on healthcare is more publicly available data to study."

    Data points include:

    • 94 percent of IT and security leaders reported their organization experienced a significant cyberattack last year, and on average faced 30 attacks in that timeframe. One-third of these victims endured at least one ransomware attack.
    • 93 percent of external organizations that endured a ransomware attack reported paying a ransom demand, with 58 percent of these payments motivated primarily by threats to leak stolen data.
    • 96 percent of senior IT and security leaders reported changes to their emotional and/or psychological state as a direct result of a cyberattack, with 38 percent worrying over job security.
    • Leadership changes increased following cyberattacks, reported by 44 percent of organizations -- up from 36 percent in Rubrik Zero Labs' Fall 2022 report “The State of Data Security: The Human Impact of Cybercrime.”

"Despite the fallout of cyberattacks dominating headlines, data risk is an issue that continues to be murky -- especially in terms of what security teams can actually change and what they cannot," said Steven Stone, head of Rubrik Zero Labs. "With this report, we aim to provide quantifiable insights that IT and security leaders can bring back to their organization to drive greater cyber resilience -- in particular with their partners in the business and governance teams. The more we talk about cyber threats like ransomware, and its impact on industries like healthcare, the more we can collaborate to minimize the risk calculus and ultimately beat cyber attackers trying to impede our businesses."

The report is based on Rubrik's own telemetry and a survey conducted by Wakefield Research, which polled more than 1,600 IT and security leaders, about half of which are CIOs and CISOs, at companies of 500 or more employees. The research was conducted in the U.S., UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore and India between Jan. 18 and Jan. 30, 2024. None of the polled organizations are existing Rubrik clients.

About the Author

David Ramel is an editor and writer for Converge360.

Must Read Articles

Welcome to, the new site for healthcare IT Pros looking for insights on cloud and other cutting-edge IT tech.
Sign up now for our newsletter and don’t miss out! Sign Up Today