Amid news of a ransomware attack that saw 400GB of sensitive NHS patient data exposed online, a report has revealed that healthcare firms were hit with four times as many cyber-attacks as the global average in 2023.
The report, conducted by cyber security firm KnowBe4, found that in the first three quarters of last year, the sector experienced 1,613 cyberattacks per week.
Additionally, the average cost of a breach reached nearly $11 million over the past three years, more than three times the global average, making healthcare the industry with the costliest breaches.
According to KnowBe4, healthcare and pharmaceutical firms are among the most vulnerable to phishing attacks. The risk is highest in large healthcare organisations, where employees have a 50% likelihood of falling victim to a phishing email.
In other words, criminals have roughly even odds of successfully phishing any given employee in the sector.
“The healthcare sector remains a prime target for cybercriminals looking to capitalise on the life-or-death situations hospitals face,” said Stu Sjouwerman, CEO of KnowBe4.
“With patient data and critical systems held hostage, many hospitals feel like they are left with no choice but to pay exorbitant ransoms. This vicious cycle can be broken by prioritising comprehensive security awareness training,” Sjouwerman advised.
One recently reported breach was the ransomware attack on pathology firm Synnovis, which processes blood tests for NHS hospitals across London.
Speaking to the BBC’s Today programme, National Cyber Security Centre (NCSC) chief Ciaran Martin said that it was unlikely the gang behind the attack (Qilin) would receive any ransoms.
This is because the UK government has a policy of not allowing public sector organisations to pay ransoms, although he acknowledged that Synnovis isn’t under the same restrictions as it is a public/private partnership.
In the second week after the attack, more than 320 planned operations and nearly 1,300 outpatient appointments were postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust.
On top of this, over 1,100 operations were cancelled after the attack.
Reports claim Qilin had demanded up to $50 million in ransom to release the data. Martin added that the gang likely expected a quick pay-off and may not have anticipated such disruption when it attacked Synnovis.
The breach eventually saw patient names, dates of birth, NHS numbers and descriptions of blood tests exposed online. Business account spreadsheets were also uploaded, exposing arrangements between hospitals, GP services, and Synnovis.
“This situation underscores a few critical points that organisations – not just in healthcare, but across all sectors – need to internalise,” said Javvad Malik, security awareness advocate at KnowBe4.
Malik stressed that regular security assessments, prompt patching of vulnerabilities, effective incident response plans, and robust data encryption are “just the tip of the iceberg when it comes to securing data.”
“This event should serve as a catalyst for broader conversation on cybersecurity legislation, inter-organisational cooperation, and the sharing of threat intelligence,” he added.
“There’s a pressing need for a unified response to cyber threats and building of a strong security culture facilitated by government agencies, the private sector, and international bodies.”