Healthcare Organizations Need to Address the Increasing Threat of Ransomware and Fileless Malware Attacks


Ponemon Institute conducted a study on current endpoint security trends. Two of the threats that need to be dealt with are ransomware and fileless malware attacks. The healthcare industry spends over $1 billion on endpoint attacks every year. The big money spent on mitigating attacks highlights the importance of endpoint security. Sad to say, healthcare organizations choose to use traditional cybersecurity technologies that do not give enough protection against the new threats. They invest on doubling existing cybersecurity defenses instead of spending on new technologies that are more effective at stopping endpoint attacks.

Barkly sponsored a study that involved 65 IT and security experts. In the past year, 54% of the participants confirmed experiencing one successful endpoint attack. Over 50% experienced a minimum of one successful ransomware attack and 40% experienced multiple ransomware attacks.

About 65% of healthcare organizations surveyed paid ransom to restore their data files. Others have no choice but to pay the ransom. On average, the ransom payment was $3,675. These ransomware attacks will likely continue because they are profitable to the attacker. Cybersecurity Ventures reported that worldwide ransomware damages will amount to $5 billion this year and $11.5 billion in 2019.

Another worrisome endpoint security trend is fileless malware attacks, which have increased in occurrence in the past year. Of the surveyed organizations that had at least one endpoint attack, 77% confirmed that at least one attack was fileless malware attack. This type of malware attack rose by 20% from last year. According to Ponemon, fileless malware are 10 times more successful than other types of malware.

Each company spends about $5,010,600 per year on average to mitigate endpoint attacks. In total, the healthcare industry spent $1.3 billion last year for endpoint attacks, 30% of which was due to loss of productivity, 23% was due to theft of information and 25% was due to system downtime.

Companies need to prioritize endpoint attack prevention. Antivirus solutions can stop malware attacks but they rarely work against fileless malware. 50% of companies are ready to invest in new tools like endpoint detection and response solutions. But these tools only reduce the harm caused by an attack and do not stop it.