More than one in three healthcare providers have suffered a cyber-attack over the past year, with 10% paying a ransom or other extortion-related fee, according to Imperva.
The vendor polled over 100 healthcare IT professionals at the recent 2018 Healthcare Information and Management Systems Society (HIMSS) Conference in the US.
Unsurprisingly given the sizeable number that had suffered an attack, 77% of respondents said they were very concerned about a cybersecurity event hitting the organization while 15% admitted they needed to do more to improve their cyber-defenses.
Ransomware (32%) was the biggest concern in terms of online threats. That’s understandable, given the WannaCry attack of May 2017 devastated large parts of the NHS, leading to an estimated 19,000 cancelled operations and appointments.
Worryingly, over a quarter (26%) of respondents claimed they don’t have an incident response plan in place — something required by the new GDPR.
A recent report from Verizon revealed that the healthcare sector was the number one sector targeted by cyber attack. This was also the only sector where inside threats outweighed those from external attackers.
Imperva CTO, Terry Ray claimed to say, “Attackers understand the value of the data held by healthcare organizations, and as a result, they are quickly becoming a sweet spot for hackers looking to steal large amounts of patient records for profit.
He added saying, “There have been a number of incidents recently where cybercrime has impacted hospitals and left them unable to access patient data, which demonstrates the consequences of a successful attack. It is crucial that healthcare organizations take steps to protect their data. To retain patient trust, organizations must provide an excellent defense at all times.”