Ransomware stakes are life-or-death, says Ponemon report

Nearly half of healthcare provider respondents (45%) said ransomware attacks increased complications from medical procedures, according to a new study from the Ponemon Institute. That’s up from 36% in 2021.


For the report, “The impact of ransomware on patient safety and the value of cybersecurity benchmarking,” which was sponsored by Censinet, Ponemon researchers surveyed 579 healthcare IT professionals at healthcare-delivery organizations in the fourth quarter of 2022 in order to understand how ransomware continues to impact patient care, and to determine the value of cybersecurity benchmarking in reducing impacts.

Like the first study, “The impact of ransomware on healthcare during COVID-19 and beyond,” Ponemon found that more than one in five respondents indicated that ransomware attacks had an adverse impact on patient mortality rates.

The most prevalent impact identified was an increase in patients transferred or diverted to other facilities, reported by 70% of those surveyed, up from 65% in the previous study. 

More organizations experienced ransomware attacks, with an increasing number caused by poor cybersecurity controls and third-party technology vulnerabilities – and more of these organizations are paying the ransom.

Now 67% of respondents, up from 60%, said their organizations paid, with the average ransom payment increasing from $282,675 in 2021 to $352,541.

“The average duration of disruptions caused by ransomware attacks has not improved and can last more than one month (35 days),” the researchers said.

The new study also looked at benchmarking factors in risk-mitigation resourcing, like staffing investments that accommodate higher levels of oversight needed to manage growing third-party risks and funding for new cyber preparedness technologies.

“Cybersecurity peer benchmarking provides valuable insights into how healthcare resources should be allocated to reduce the risk of ransomware and its potential impacts on patient care,” the researchers said in the report.

Benchmarking demonstrated the effectiveness of their cybersecurity framework and compliance helped respondents to establish cybersecurity program goals and more data-driven decision-making. 

They also found it helped them to respond to and recover from ransomware attacks. 

“The findings in this year’s Ponemon report are, unfortunately, not surprising as ransomware continues to shut down hospital operations and disrupt care at an alarming rate,” said Ed Gaudet, CEO and founder of Censinet, in a statement.

“This report highlights the continued threats while introducing new approaches to creating rigorous, robust and continuous cyber programs that protect patients,” he said in a statement.

Censinet is also working on a separate benchmarking study involving up to 100 participating healthcare organizations to be released in 2023. We recently spoke with Gaudet about that work and other cybersecurity imperatives.


The U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency

previously studied and quantified a correlation between intensive care bed utilization and excess deaths two, four and six weeks beyond a ransomware attack.

CISA warned, a little more than a year ago, that the additional strain of ransomware attacks and the excess deaths they cause on a care delivery system already reeling from the pandemic could have severe upstream effects.

“An analysis of these excess deaths on top of COVID-19 death reveals some interesting demographic slices – one of which is that one of the fastest growing groups affected by these non-COVID-19 excess deaths from degraded and delayed care are 25-to-44-year-olds,” Josh Corman, CISA senior advisor and strategist, explained.

He told Healthcare IT News ahead of a presentation on how the agency can support struggling healthcare organizations at the HIMSS Healthcare Cybersecurity Forum that the quality of healthcare infrastructure nationwide was degrading. 

“Armed with the elevated case rates and hospitalizations of the pandemic as a baseline, we were able to lean in and try to study this national experiment of protracted service disruption in hospitals,” he said. 

“The team asked, can cyber [attacks] make it worse? And the answer is yes.”


“Our findings indicate that hospital IT/security personnel continue to believe ransomware has a broad and adverse impact on patient care,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, in announcing the new report. 

“With ransomware growing exponentially and most organizations under constant threat, this report also explores how peer benchmarking improves an HDO’s cybersecurity program effectiveness, including its decision-making, hiring and resource allocation,” said Ponemon.

Source: Read Full Article