Hospitals and clinics have lost millions due to ransomware attacks

Study estimates Missouri providers lost more than $5 million in last several years

Megan Lynch
February 24, 2020 - 6:00 am

St. Louis, MO (KMOX) - A new study reveals ransomware attacks are costing health care systems millions of dollars.

The study by Comparitech estimates a $157 million impact of ransomware on medical facilities across the US in the last several years.  While few health providers report when they do pay in ransoms, the study suggests ransom payments and downtime during breaches cost Missouri hospitals and clinics more than $5.5 million since 2016. 

"I think it's common because a lot of hospitals pay the ransoms so it's easy for criminals to go after them," points out Comparitech Editor and Consumer Privacy Expert, Paul Bischoff.  Bischoff says hospitals can't do without data for long, and the average time it takes to recover from a ransomware attack is more than two weeks. 

He does say only a small percentage of medical facilities end up paying ransoms to get control of their data back, "it's a small fraction but big enough that it's attractive.  We also did a study in the UK where none of the hospitals paid up and we've seen ransomware attack drop off pretty sharply."

Bischoff says the most common way cybercriminals gain access is through malicious emails.

@ 2020 KMOX (Entercom). All rights reserved.