5 ransomware statistics and what they mean for healthcare IT decision-makers

In healthcare IT? Then these five statistics will change how you’re thinking about the security of your organization.

It’s no secret: ransomware keeps everyone awake at night. But that’s especially true for healthcare. In fact, HHS’ cybersecurity program recently issued an alert to healthcare providers warning them to guard against the “exceptionally aggressive” Hive ransomware group.

But unfortunately, the Hive group is one of (far too many) groups that you need to be aware; just one actor who wreaks havoc in a sea of ransomware (and even “killware”) attacks. Healthcare needs, now more than ever, to be able to prevent cyberattacks and data breaches.

Here are some healthcare ransomware statistics that will impact how you make decisions.


The statistic: More than 1 in 3 healthcare organizations globally report being hit by ransomware

What it means for you: It’s probably about when – not if – your healthcare organization gets hit by ransomware. If it’s just a matter of time – if your organization is one of the lucky few who haven’t already been hit – security needs to be your number one priority. Make sure your security focus is anchored in a digital identity strategy so that you can be confident you’ve locked down access for your organization.


The statistic: Ransomware attacks on healthcare almost doubled from 2020 to 2021

What it means for you: Together with the previous statistic, this showcases that the healthcare industry continues to be a popular attack choice – with no signs of slowing down. That means you need to stay vigilant and make proactive changes to strengthen your security posture.


The statistic: 61% of breaches involve compromised credentials

What it means for you: Credentials are how work get gets done at your healthcare organization. But usernames and passwords, alone, just aren’t cutting it anymore. (Plus, the need for complex passwords just makes it harder for clinicians to remember them!) You need to be careful to put solutions in place that take away reliance on pure credentials – like solutions for single sign-on, multifactor authentication, and privileged access management.


The statistic: Connected medical devices can make up 74% of the devices in a hospital’s network, but their security is often forgotten

What it means for you: Connecting devices comes with risk, so you need to optimize your IoT (or IoMT) strategy to account for new security needs. Interconnected medical devices play an incredibly valuable role in the delivery of patient care, but – like for every other type of identity – you need to lock down access.


The statistic: 40% consider mobile devices to be an organization’s biggest security risk

What it means for you: Like connected medical devices, connected mobile devices are becoming commonplace in healthcare settings, and they also require a different level of security scrutiny. You need to be able to eliminate security friction on mobile devices so that clinicians will actually use them (all while keeping them secure).


Is the impact of ransomware worse than you think? Maybe. Check out 12 more statistics and learn about why cyber insurance is so hard to get.