Ransomware stakes are life-or-death, says Ponemon report

The institute examined the continued impact of ransomware attacks on patient care and asked healthcare IT professionals to evaluate their use of benchmarking in making their cybersecurity program decisions.
By Andrea Fox
08:44 AM

Photo: Jackyenjoyphotography/Getty Images

Nearly half of healthcare provider respondents (45%) said ransomware attacks increased complications from medical procedures, according to a new study from the Ponemon Institute. That's up from 36% in 2021.

WHY IT MATTERS

For the report, "The impact of ransomware on patient safety and the value of cybersecurity benchmarking," which was sponsored by Censinet, Ponemon researchers surveyed 579 healthcare IT professionals at healthcare-delivery organizations in the fourth quarter of 2022 in order to understand how ransomware continues to impact patient care, and to determine the value of cybersecurity benchmarking in reducing impacts.

Like the first study, "The impact of ransomware on healthcare during COVID-19 and beyond," Ponemon found that more than one in five respondents indicated that ransomware attacks had an adverse impact on patient mortality rates.

The most prevalent impact identified was an increase in patients transferred or diverted to other facilities, reported by 70% of those surveyed, up from 65% in the previous study. 

More organizations experienced ransomware attacks, with an increasing number caused by poor cybersecurity controls and third-party technology vulnerabilities – and more of these organizations are paying the ransom.

Now 67% of respondents, up from 60%, said their organizations paid, with the average ransom payment increasing from $282,675 in 2021 to $352,541.

"The average duration of disruptions caused by ransomware attacks has not improved and can last more than one month (35 days)," the researchers said.

The new study also looked at benchmarking factors in risk-mitigation resourcing, like staffing investments that accommodate higher levels of oversight needed to manage growing third-party risks and funding for new cyber preparedness technologies.

"Cybersecurity peer benchmarking provides valuable insights into how healthcare resources should be allocated to reduce the risk of ransomware and its potential impacts on patient care," the researchers said in the report.

Benchmarking demonstrated the effectiveness of their cybersecurity framework, and compliance helped respondents to establish cybersecurity program goals and more data-driven decision-making. They also found that it helped them to respond to and recover from ransomware attacks. 

"The findings in this year’s Ponemon report are, unfortunately, not surprising as ransomware continues to shut down hospital operations and disrupt care at an alarming rate,” said Ed Gaudet, CEO and founder of Censinet, in a statement.

"This report highlights the continued threats while introducing new approaches to creating rigorous, robust and continuous cyber programs that protect patients," he said in a statement.

Censinet is also working on a separate benchmarking study involving up to 100 participating healthcare organizations to be released in 2023. We recently spoke with Gaudet about that work and other cybersecurity imperatives.

THE LARGER TREND

The U.S. Department of Homeland Security's Cybersecurity & Infrastructure Security Agency previously studied and quantified a correlation between intensive care bed utilization and excess deaths two, four and six weeks beyond a ransomware attack.

CISA warned, a little more than a year ago, that the additional strain of ransomware attacks and the excess deaths they cause on a care-delivery system already reeling from the pandemic could have severe upstream effects.

"An analysis of these excess deaths on top of COVID-19 death reveals some interesting demographic slices – one of which is that one of the fastest growing groups affected by these non-COVID-19 excess deaths from degraded and delayed care are 25-to-44-year-olds," Josh Corman, CISA senior advisor and strategist, explained.

He told Healthcare IT News ahead of a presentation on how the agency can support struggling healthcare organizations at the HIMSS Healthcare Cybersecurity Forum that the quality of healthcare infrastructure nationwide was degrading.

"Armed with the elevated case rates and hospitalizations of the pandemic as a baseline, we were able to lean in and try to study this national experiment of protracted service disruption in hospitals," he said. 

"The team asked, can cyber [attacks] make it worse? And the answer is yes."

ON THE RECORD

"Our findings indicate that hospital IT/security personnel continue to believe ransomware has a broad and adverse impact on patient care," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, in announcing the new report. 

"With ransomware growing exponentially and most organizations under constant threat, this report also explores how peer benchmarking improves an HDO’s cybersecurity program effectiveness, including its decision-making, hiring and resource allocation," said Ponemon.

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org

Healthcare IT News is a HIMSS publication.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.