October 24, 2024 at 06:46AM
This year, ransomware impacted 389 US healthcare organizations, risking patient safety and costing up to $900,000 daily in downtime. Attacks led to increased emergency cases and dwindling survival rates. Organized groups, primarily Iranian, have intensified these intrusions, facilitated by ransomware-as-a-service and geopolitical factors.
**Meeting Takeaways:**
1. **Ransomware Impact on Healthcare:**
– **Infections**: 389 US healthcare organizations were infected by ransomware this fiscal year.
– **Cost Implications**: Facilities face downtime costs of up to $900,000 per day, with average costs per attack reaching $4.4 million.
2. **Case Study – UnitedHealth**:
– Total expenditures related to the Change Healthcare ransomware attack in February:
– $776 million on network restoration.
– $1.4 billion on increased medical care costs.
– The company paid a ransom of $22 million.
3. **Patient Care Consequences**:
– Critical care for stroke patients suffered:
– Stroke code activations increased from 59 to 103.
– Confirmed strokes rose by 113.6%, from 22 to 47 cases.
– Cardiac arrest cases at a nearby hospital surged by 81%, from 21 to 38.
– Survival rates for out-of-hospital cardiac arrests with favorable neurological outcomes dramatically dropped from 40% to 4.5%.
4. **EMS Diversion**:
– There was a 35.2% increase in emergency medical services arrivals at other hospitals during ransomware incidents.
5. **Threat Landscape**:
– Ransomware attacks are mainly conducted by organized threat actor groups.
– Ransomware-as-a-service has lowered entry barriers for cybercriminals, leading to a 300% increase in healthcare ransomware attacks.
– Iranian groups are reportedly the most active this year. U.S. government has warned about Iranian actors engaging in hacking to steal data and collaborate with ransomware affiliates.
– Russian and Chinese groups are also involved, with Chinese activities linked to espionage.
6. **Research Source**:
– Findings were published in a Microsoft report that encompasses both internal and third-party research data.