Cybercriminals have successfully encrypted data in nearly 75% of ransomware attacks on healthcare organizations, amounting to the highest rate of encryption in the past three years, Sophos said in a new report.

The study's results, chronicled in the vendor's newly released report, The State of Ransomware in Healthcare 2023, show a significant increase in the number of healthcare organizations (61%) that were impacted by a data encryption event in 2022.

The survey polled 3,000 IT/cybersecurity leaders in organizations with between 100 and 5,000 employees, including 233 from the healthcare sector, across 14 countries in the Americas, EMEA and Asia Pacific.

In 37% of ransomware attacks where data was successfully encrypted, data was also stolen, suggesting a rise in the “double dip” method.

Healthcare organizations are now taking longer to recover, with 47% recovering in a week, compared to 54% last year.

The overall number of ransomware attacks against healthcare organizations surveyed declined from 66% in 2022 to 60% in 2023.

Compromised credentials were the number one root cause of ransomware attacks against healthcare organizations, followed by exploits.

The number of healthcare organizations surveyed that paid the ransom declined from 61% last year to 42% this year. This is lower than the cross-sector average of 46%.

Security tools defend against the most common attack vectors, including endpoint protection with strong anti-ransomware and anti-exploit capabilities.

Zero Trust Network Access (ZTNA) thwarts the abuse of compromised credentials.

Adaptive technologies respond automatically to attacks, disrupting adversaries and buying defenders time to respond.

24/7 threat detection, investigation and response can be delivered in-house or by a specialized Managed Detection and Response (MDR) provider.
In addition, users should take the following measures:

Optimize attack preparation, including regularly backing up, practicing recovering data from backups and maintaining an up-to-date incident response plan.

Maintain security hygiene, including timely patching and regularly reviewing security tool configurations.