Healthcare Under Ransomware Attack
Why Healthcare Is Now the 3rd Most Targeted Industry in the Ransomware Cybercrime Ecosystem
EXEC SUMMARY:
Rising Ransomware in Healthcare and the Urgency for Proactive Defense
Healthcare is now the third most targeted industry in the ransomware landscape, with incidents surging by over 32% from 2023 to 2024.
The tipping point for ransomware’s focus on healthcare came with the high-profile Change Healthcare attack. This incident marked a breaking point in the ransomware ecosystem, exposing vulnerabilities in the traditional group-affiliate structure and driving the shift to more aggressive, affiliate-dominated models. The fallout fundamentally altered how ransomware groups operate, making healthcare organizations prime targets. Drawing on insights from our latest ransomware report, State of Ransomware 2024: A Year of Surges and Shuffling as well as additional primary research, the Black Kite Research & Intelligence Team (BRITE), uncovers what’s happening behind the scenes to explain this surge and what healthcare organizations can do to protect themselves.
Why Healthcare Data Is Frequently the Target of Ransomware Attacks
Key Findings:
Healthcare Ranks #3:
Healthcare incidents rose from 5% to 8% of all ransomware attacks, while overall attacks on healthcare organizations surged by 32.16%.
Affiliate Power:
Affiliates now choose ransomware groups based on payout rates and reliability.
Small Practices at Risk:
Less protected and resource-constrained, small healthcare businesses are prime targets.
New Ransomware Groups:
More aggressive, with fewer ethical boundaries, targeting high-stakes sectors like healthcare.
Rippling Effects:
The potentially devastating impact on patient care makes healthcare organizations likely targets for ransomware.
Early Warning System:
Black Kite’s Ransomware Susceptibility Index® (RSI™) offers advance warning of potential attacks – up to 7 months in the case of Change Healthcare.
If you're in the healthcare industry, your supply chain is likely filled with healthcare-focused vendors, each a potential entry point for ransomware attacks.
Staying vigilant about ransomware activity has never been more critical to safeguarding your organization—and your patients—from the devastating ripple effects of a breach.