Study Finds how Cyber Attacks & Insufficient Accountability impact Patient Care

August 15, 2022:- Cynerio, one of the top providers of healthcare IoT cybersecurity, recently released a report executed in partnership with the Ponemon Institute that analyzes the current effects of cyberattacks on healthcare facilities and network-connected IoT and medical devices. The description details alarming trends, including general and repeated attacks, financial casualties measured in the millions, and recurring failures to take basic cybersecurity measures.

43% of hospitals encountered at least one ransomware attack, and 24% of attacks resulted in raised mortality rates. 

The Insecurity of Connected Devices in HealthCare 2022 Report surveyed specialists in leadership positions at 517 healthcare systems throughout the United States. Key determinations include:

  • Cyberattacks Are Routine, Recurring, and Adversely Impact Patient Care
  • 56% of respondents expressed their organizations experienced one or more cyberattacks in the past 24 months affecting IoMT/IoT devices. Within those, 58% averaged 9 or more cyberattacks during that time.
  • 45% of these respondents report negative impacts on patient care, and 53% percent of those say negative outcomes resulting in increased mortality rates.

Perceived Threat in IoT/ IoMT Devices Is High, but Proactive Security Measures and Accountability Are Not

  • 71% of respondents ranked the security risks presented by IoT/IoMT devices as high or very heightened, while only 21% reported a mature phase of proactive security actions.
  • Of the 46% who performed well-known and accepted techniques such as scanning for devices, only 33% of these respondents keep a list of the discovered devices.

Ransomware Is a Brutal, Profitable Cycle

  • 47% of those encountering an attack resulted in a ransom being paid. 32% of the ransoms settled fell between $250k – $500k.

“It’s clear that cyberattackers have increasingly concentrated their efforts on hospitals since 2020,” stated Chad Holmes, Security Evangelist at Cynerio. “What had been vague was the frequency and resulting harm of their attacks. By teaming with Ponemon Institute, we have accumulated feedback from hundreds of hospitals and offered a clear picture of the problems they are facing, both in duration of financial losses and impact to patient care. Eventually, our aim for this data is to inform and expedite enhanced cybersecurity funding, training, and policy outcome for all healthcare providers.”

The report further points a range of financial impacts, attack types, and exact presumptions surrounding investments made towards IoT/IoMT security.

“Until lately, the wide scale of cyberattacks on healthcare systems was hard to measure and typically spoken of anecdotally,” voiced Larry Ponemon, founder and chairman of the Ponemon Institute. “Our team at Ponemon Institute is regularly pioneering research with organizations like Cynerio to better define the hazards hospitals and their patients confront. We hope this report encourages healthcare leaders, policymakers and device manufacturers to more effectively manage the cybersecurity threats they confront.”