Skip to main content
close search
site logo
Dive Brief

Quarter of providers saw mortality rates rise after ransomware attacks, survey finds

Published Sept. 23, 2021
Rebecca Pifer's headshot
Senior Reporter
Max Pixel

Dive Brief:

  • About one in four providers say their organizations saw an increase in mortality rates following a ransomware attack, according to a new survey from the Ponemon Institute.
  • The study, sponsored by Boston-based health data security company Censinet, found the COVID-19 pandemic has resulted in less confidence among providers in mitigating the risks posed by ransomware. Of the health delivery organizations surveyed, 61% have been victims of ransomware attacks, and of those that have been hit, 33% have been hit more than once. Meanwhile, 61% of providers aren't confident in their ability to combat ransomware, up from 55% pre-COVID-19.
  • Falling confidence is partially due to a sharp growth in third party ties, Ponemon found. Providers expect the number of third parties they contract with to grow at an annual rate of 30%, from 1,950 up to 2,541 in the next 12 months. Of the third parties, 43% have access to patients' personal health information, putting providers at higher risk of a breach or hack.

Dive Insight:

Hacks and data breaches always pose a threat to business operations or finances, but are particularly dangerous in healthcare, where they could potentially harm the quality of patient care. Cybersecurity experts have been warning that attacks using ransomware, a type of malware that encrypts a victim's files, rendering them inaccessible to their owner unless a ransom is paid to decrypt them, have been growing in the healthcare industry over the past few years without a corresponding increase in security measures.

And the pandemic has injected further volatility into the picture, as staffing challenges and increasing patient acuity are combining with new attack surfaces and infiltration points for bad actors with the rise of remote work, greater adoption of digital health tools and connected medical devices. The combination of these factors has created the "perfect cybersecurity storm," according to Ed Gaudet, Censinet's CEO.

However, tying ransomware attacks to a corresponding decline in care outcomes is tricky. This study of health delivery organizations is one of the first finding a direct impact on patient care down the line, and comes roughly a year after a patient died as a result of delayed care after University Hospital Düsseldorf in Germany was forced to turn them away from its emergency room after a ransomware attack — thought to be the first instance of death by ransomware.

Along with an increase in mortality, the survey of roughly 600 providers also found ransomware resulted in more complications from medical procedures, delays in procedures and tests resulting in poor outcomes, an increase in patients being transferred or diverted to other facilities and longer patient lengths of stay.

"Our findings correlated increasing cyberattacks, especially ransomware, with negative effects on patient care, exacerbated by the impact of COVID on healthcare providers," said Larry Ponemon, founder of the Ponemon Institute, a research group.

Recommended Reading

Filed Under: Hospitals, Health IT

Editors' picks

Company Announcements

View all | Post a press release
Jo Abernathy Joins Catalyst Solutions as Advisory Board Member
From Catalyst Solutions
July 31, 2024
Wiley to Expand Reach and Impact of Medical Education Programs to More Than 2.8 million Health…
From Wiley
July 31, 2024
Healthworx partners with Highmark Inc, LifeBridge Health for new accelerator program
From Healthworx
July 30, 2024
Catalyst Solutions to lead the Medicaid Modernization Panel at MESC24 on State of Florida's Mo…
From Catalyst Solutions
August 02, 2024
Editors' picks
Latest in Hospitals
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell