Healthcare organizations report ransomware payments over $500,000

Cyberattacks against cyber-physical systems (CPS) were analyzed in a recent Claroty report. The findings revealed a significant financial impact, with over a quarter (27%) of organizations reporting a financial impact of $1 million USD or more from cyberattacks affecting CPS. Several factors contributed to these losses, the most common being lost revenue (selected by 39% of respondents), recovery costs (35%) and employee overtime (33%).

The report found that ransomware continues to play a big role in recovery costs, as more than half of respondents (53%) met ransom demands of more than $500,000 USD to recover access to encrypted systems and files in order to resume operations. This problem is particularly severe in the healthcare sector — 78% reported ransom payments over $500,000 — as ransomware and extortion-based attacks on hospitals and clinical environments continue to run seemingly unabated.

Closely tied to the financial losses are the operational impacts, with one-third (33%) reporting a full day or more of operational downtime that impacted their ability to produce goods or services. About half (49%) said the recovery process took a week or more and nearly a third (29%) said recovery took over a month. This is particularly notable given that CPS environments such as manufacturing plants place a premium on availability and uptime of critical systems — even at the expense of timely security and feature updates.

When considering the root cause of these cyberattacks, third-party and remote access exposures persist across organizations. Eighty-two percent of respondents said at least one cyberattack — and nearly half (45%) said five or more attacks — in the past 12 months originated from third-party supplier access to the CPS environment. And yet, almost two-thirds (63%) admit to having only partial or no understanding of third-party connectivity to the CPS environment.

While the findings show the last 12 months were both disruptive and costly for most CPS-enabled organizations, respondents also conveyed growing confidence and improvements in their organization's risk reduction efforts. A majority (56%) have greater confidence in the ability of their organization's CPS to withstand cyberattacks today versus 12 months ago, and 72% expect to see quantifiable improvements in their CPS security in the next 12 months.

Read the report.

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Taelor Sutherland is the Associate Editor at Security magazine. Sutherland covers news affecting enterprise security leaders, from industry events to physical & cybersecurity threats and mitigation tactics. She is also responsible for coordinating and publishing web exclusives, multimedia content, social media posts, and a number of eMagazine departments. Sutherland graduated in 2022 with a BA in English Literature from Agnes Scott College.