Content, Content, Ransomware, Vertical markets

Research: Cloud Ransomware Hit Nearly 40% of Healthcare Organizations in 2020


In 2020, nearly 40 percent of healthcare organizations were victimized by ransomware attacks in the cloud, one in four was fined for regulatory non-compliance and one in 10 faced a lawsuit, a data security study found.

The results spring from Netwrix’s 2021 Cloud Data Security Report, initially released by the vendor in January. The report includes vertical market findings from the finance, education, government and healthcare sectors. The online survey of 937 IT professionals worldwide who use private and public cloud services to store their data found that the most common cybersecurity incidents healthcare institutions experienced in the cloud were phishing (44%), ransomware (39%) and data theft by insiders (35%). Of the three, data theft was the most difficult to detect with more than 50 percent of organizations needing days or weeks to discover the breach. By comparison, phishing and ransomware were spotted in hours or less by the overwhelming majority of organizations.

The top consequences of cloud breaches in the healthcare sector were:

  • Unplanned expenses to fix security gaps (24%)
  • Compliance fines (23%) and lawsuits (11%).
  • Most healthcare organizations attribute their cloud security challenges to lack of budget (61%), lack of IT/security staff (56%) and employee negligence (39%).

Other survey findings include (based on number of healthcare organizations):

  • 61%: Store customer data in the cloud.
  • 54%: Store personal health records in the cloud.
  • 32%: Needed days to discover accidental data leakage and supply chain compromise.
  • Top security measures healthcare organizations are taking in response to cloud security challenges: Encryption (78%), review of access rights (75%) and employee training (65%).

“An explosion of telehealth services and the shift of non-clinical employees to increased the need for cloud technologies in the healthcare sector,” said Ilia Sotnikov, Netwrix product management vice president. “As a result, new avenues for cyber threats opened up. Moreover, because hospitals and health systems are dealing with high caseloads caused by the pandemic, the threat to care delivery remains extremely high,” he said.

The study’s full findings showed that more than one in two organizations storing customer data in the cloud experienced security breaches in 2020. The high incident rate has prompted more than 60 percent of organizations to remove sensitive material from the cloud if they haven’t already done so, Netwrix said.

In 2020, insider data theft negatively impacted company valuation (33%) while external hacking led to customer churn (35%) and loss of competitive edge (35%), the report found. The results also revealed that the most common types of cloud security incidents were phishing (40%), ransomware or other malware (24%), and accidental data leakage (17%). More than half of the study’s participants said that additional budget was needed to fix security gaps that led to the security incidents. In terms of data security challenges, a shortage of IT staff was cited by 52 percent of the survey’s respondents followed by constricted budget (47%) and lack of cloud security expertise (44%).

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.