A new study has found that illegal cyberattacks that are carried out on healthcare providers to access the information of their patients has severe and, in some cases, fatal consequences for the patient. The study conducted by Proofpoint Inc and Ponemon Institute, who conduct high level security research, was released in September 2022 to portray the dangers of cyberattacks within the healthcare industry.
For the study, just under 650 IT and IT security entities that carry out cybersecurity procedures were surveyed. Out of these practitioners, it was found that 89% were subject to some form of cybersecurity attack in the last 12 months. An equally alarming discovery was that of this majority of entities, the number of attacks carried out on their healthcare data was an average of 43. The cybersecurity attacks varied significantly in cost, with the most expensive attack costing the entity more than 25 million US dollars. The average cost to the entities surveyed was averaged at nearly 4.5 million US dollars. This figure was arrived at from the accumulation of all costs resulting from the attack, including overhead costs and business opportunities that were lost from the attack
The four main types of cybersecurity attacks were as follows:
- Cloud compromise
- Ransomware
- Supply chain attacks
- Business email compromise (BEC)/spoofing phishing
The disruption to healthcare outcomes
Half of the entities surveyed by Ponemon Institute stated that the cybersecurity attack carried out against them affected their supply chain. This disruption led to worse patient outcomes in seventy five percent of attacks due to severe delays in patient testing and procedures. Patients who were affected by worse treatment became more ill in 54% of cases, while 51% were forced to extend their stay due to the delays. In addition to patients potentially becoming severely ill from less efficient treatment, responders reported a near 25% increase in mortality rate derived from the cybersecurity attacks. The increased mortality rate was not exclusive to cyber attacks that disrupted the entity’s supply chain, with BEC attacks leading to a 24% increase in mortality rate. Ransomware attacks were the biggest blow to patient outcomes, with 64% of those surveyed saying this form of attack affected their patient care and patient outcomes.,,