Microsoft said in a report on Tuesday that ransomware attacks against the healthcare sector led by Iranian hackers are on the rise, putting lives at risk.
The report leverages both internal and external data from companies and finds that since 2015, ransomware attacks on the healthcare sector have increased by 300%, and that they are accepting patients from nearby facilities paralyzed by such attacks. It points out that cases of stroke and cardiac arrest are on the rise in hospitals. .
These all represent a dangerous trend from the height of the COVID-19 pandemic, when some ransomware groups vowed to avoid attacks on the healthcare sector.
“Unfortunately, that (commitment) has been taken off the table and covered everything that touches healthcare, from hospital systems to clinics to doctor's offices, and really anything that could impact patient care. “We're starting to see widespread use of this information,” Sherrod DeGrippo, director of threat intelligence strategy at Microsoft, told CyberScoop. “Organizations are more likely to pay because attackers know people's lives are at risk.”
According to Microsoft's Q2 2024 data, healthcare is one of the top 10 most targeted sectors, with an average payment of $4.4 million, according to a survey of healthcare organizations.
According to Microsoft data, Iranian gangs appear to be targeting healthcare institutions the most.
A study last year found that ransomware attacks on hospitals caused a ripple effect, with unaffected hospitals experiencing a surge in patients, a 113% increase in stroke cases, and an 81% increase in cardiac arrest cases. Survival rates were also lower in these cardiac arrest cases.
“We know that this type of incident impacts many technologies, such as CT scanners and testing machines, used to treat patients suffering from heart attacks, strokes, sepsis, etc.” said Jeff Talley. Professor at the University of California, San Diego Medical Cybersecurity Center and co-author of the study told CyberScoop. “And we also know that during this downtime, there is a delay in our ability to care for our patients.”
Talley said the center is working to develop ransomware response strategies for healthcare organizations, while DeGrippo emphasized the importance of building resilience in the event of an attack.