The data was gathered in the study Healthcare IT News and HIMSS Analytics Quick HIT Survey: Ransomware. About 25 percent could not confirm if they had been attacked or not.
Additionally, Healthcare IT News and HIMSS Analytics, found “considerable uncertainty, questionable business continuity plans, and the need for more effective end-user education rampant in the industry”.
A spokesperson for HIMSS said that seventy three percent of the health systems had a business continuity plan in place, in the event of an attack.
The remaining 26 percent could not be so confident about how to react in the event of a ransomware attack.
As for paying ransoms demanded by cyber criminals, while many in the industry have discouraged giving in to hacks, most hospital executives cannot say for sure whether they would pay or not.
Factors such as scale of the attack, speed of implementation of the business continuity plan, how widespread encryption was and the time of the most recent data back up all come into play.
“Some organisations back up data daily. But when you’re talking about an entire health system, there’s no guarantee that the data will get backed up every single day,” the spokesperson said. “Even daily backups can be hit or miss in terms of what kind of data is included, be that lab results, images, or other types.”
Researchers recommended that avoidance was the best measure to take against ransomware attacks.
They said that healthcare managers should focus on educating end users as savvy staff would prevent malware from taking root in the first place.
“Moving forward, it’s going to be interesting to see how organisations respond to this.”
The Healthcare IT News and HIMSS Analytics Quick HIT Survey: Ransomware surveyed 61 correspondents from the C-Suite.
Source: Healthcare IT News
Image Credit: HIMSS