The number of reported major IT/hacking events attributed to ransomware by health care institutions increased by 89 percent from 2016 to 2017, according to cyber defense firm Cryptonite’s 2017 Healthcare Cyber Research Report, which used data reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR).
The research conducted by Rockville, Md.-based Cryptonite looks at healthcare cyber attack activity last year and finds that 2017 was a very challenging year for healthcare institutions as these organizations remain under sustained attack by cyber attackers that continue to target their networks through the use of well understood vulnerabilities. According to the report, there were a total of 140 data breach events characterized and reported to HHS OCR as IT/hacking in 2017, representing an almost 24 percent increase over the 113 IT/hacking events reported in 2016. For an historical view, there were 57 reports for IT/hacking in 2015 and 35 reports in 2014.
The number of reported major IT/hacking events attributed to ransomware by health care institutions increased by 89 percent from 2016 to 2017. This was an increase from 19 reported events in 2016 to a total of 36 events in 2017. In 2017 ransomware events represented a quarter of all events reported to HHS/OCR and attributed to IT/hacking.