Ransomware on Healthcare Cost Global Economy $92 Billion

March 28, 2023

Ransomware attacks and other cyberattacks against hospitals and healthcare facilities are on the rise. They can encrypt key systems, placing personal data at risk and causing widespread disruptions.

These attacks can have detrimental effects on patients and your business reputation. It’s essential to be aware of how such events could influence your operations.

The Cost of Downtime

Downtime can have a severe impact on any business. Not only does it cause disruption and lost employee productivity, but it also brings costs, some of them intangible, such as lost revenue, reputational damage, and customer churn.

Ransomware is an increasingly common cause of downtime for businesses and industries, from hospitals to small companies that do a bit of online sales. Healthcare organizations in particular are vulnerable to these attacks since they handle patient data and can be more susceptible to the threat.

The cost of downtime varies based on several factors, including the type of business, its revenue, the duration of the downtime and the time of day. It is therefore difficult to calculate exact costs; however, a 2016 study estimated that companies in banking/finance, government, healthcare, manufacturing, media and communications, and retail spend an average of up to $5 million per hour for downtime.

For instance, a bank that handles high-level transactions would face higher downtime and recovery expenses than a private clinic. It also depends on how much time is lost due to the outage.

In most cases, downtime costs can be calculated as an average of the costs to restore and back up your company’s data plus how long it takes for systems to recover after an outage. This calculation helps you decide how much investment should be made in a proactive downtime solution.

These solutions are tailored to minimize the effects of downtime and guarantee your business remains operational. Furthermore, they may offer a backup and recovery plan in case something goes awry.

Another function of many downtime solutions is to prevent attacks from taking place in the first place. For instance, these solutions can monitor your network for suspicious activity and then automatically block cybercriminals from accessing it.

By doing this, you can help avoid costly downtime because a cybercriminal may wait until they have an opportunity to attack your network. By then, it is likely that all of your data has already been compromised.

The Cost of Data Recovery

According to research, the cost of data recovery after a ransomware attack has significantly increased over the last year. Healthcare organizations remain the most likely sector to pay ransoms and this trend is set to continue.

Thankfully, most organizations have become better at recovering encrypted data from ransomware attacks by relying on backups. But that isn’t always enough to avoid business disruption due to prolonged restore times.

When hospitals and other healthcare organizations cannot access their systems, patient care delivery is impeded, leading to delays and worse patient outcomes.

Recent research by JAMA revealed that ransomware-related operational disruptions cause a variety of negative impacts for patients. For instance, 44% of attacks caused care delivery disruptions and 8.6% caused disruptions that lasted more than two weeks.

Additionally, 10% of attacks led to delays or cancelled appointments, and 4.3% involved ambulance diversions.

These disruptions may have a direct impact on patients, particularly those with acute illnesses and weakened immune systems. Furthermore, caregivers may suffer from burnout or depression as a result of these events.

Medical personnel must often dedicate extended hours to treating patients while working within compromised systems.

However, there are ways to prevent these issues from arising in the first place. Hospitals and other healthcare organisations should create a robust cybersecurity strategy and implement effective data protection measures.

Furthermore, they should guarantee their systems remain up-to-date and have regular backups. These copies should include the most up-to-date versions of all enterprise applications and software, including security patches.

As the global economy increasingly relies on technology for services and customer engagement, attackers recognize that having control of the systems that house this data can yield valuable rewards. This data could include patient information, health records, and other vital data which hackers are willing to pay for.

In addition to direct costs, healthcare organisations also face potential reputational and compliance risks. A decrease in revenue or loss of business could cause severe financial strain.

The Cost of Insurance

Ransomware is a type of malware that encrypts computer system data and demands payment in exchange for release. A Fitch report has revealed that this cyber threat has grown rapidly over the past three years.

Healthcare organisations are especially vulnerable to cyber attacks, as they typically possess sensitive patient data. A successful attack could damage a hospital’s reputation and financial position, potentially leading to the loss of patients.

Despite these risks, healthcare organisations can still avoid paying ransoms. They should implement strong internal controls, such as continuous data backups and employee training programmes, which could help prevent these attacks from taking place in the first place.

However, despite these controls, hackers have increasingly targeted healthcare organisations. According to Tracking Healthcare Ransomware Events and Traits (THREAT), reported ransomware attacks increased 51% between 2020 and 2021, underscoring the need for protection against this threat.

Insurers are responding to this trend by tightening underwriting guidelines and inspecting cybersecurity controls more thoroughly. These measures aim to raise awareness, define how companies should handle a cyber incident, and inform their insureds.

These measures will also enable insurers to make sure their policies are up to date and include coverage for ransomware-related losses. These can range from a small financial loss to the costs of hiring security experts who negotiate with hackers and computer forensic teams who help determine how hackers gained access to an organisation’s systems.

Insurance can shield a business from losses caused by an attack and reimburse for running costs while its computer system is down. This coverage allows a company to get back up and running quickly, even if it may not be possible to recover all of its lost data.

But finding the right policy that will cover these losses can be challenging. Some policies include lengthy conditions that must be fulfilled before coverage kicks in, which may prove difficult for smaller organisations to meet.

The Cost of Training

Ransomware is an increasingly sophisticated cybercrime that is wreaking havoc in the healthcare sector. Attacks encrypt critical systems and disrupt medical care, and data loss could result in class-action lawsuits and reputational harm.

The healthcare sector is particularly vulnerable to these attacks due to the large volume of sensitive personal data held by hospitals and other medical establishments. Much of this data is now stored online, making it easy for hackers to obtain.

Due to this, hackers are increasingly targeting hospital networks, servers, computers, databases and patient records. They may also target healthcare devices connected to these systems like medical scanners, cameras, sensors and x-ray machines.

Medical devices are essential for providing care, and could potentially be targeted in a ransomware attack that disrupts patient access. Attacks could damage the devices themselves, or infect their entire network with malware.

Another problem is that ransomware attackers can profitably sell individual records of patients’ protected health information (PHI). For instance, a small attack involving 1000 PHI records could be worth $250,000.

Due to these threats, healthcare organisations have had to reevaluate their cybersecurity strategies and implement new technologies and safeguards. They have also had to train staff on dealing with security issues. Unfortunately, this training can be expensive and a drain on an organisation’s budget; however, these steps are essential to protect the organisation’s sensitive information and customer data.

Ammar Fakhruddin


Ammar brings in 18 years of experience in strategic solutions and product development in Public Sector, Oil & Gas and Healthcare organizations. He loves solving complex real world business and data problems by bringing in leading-edge solutions that are cost effective, improve customer and employee experience. At Propelex he focuses on helping businesses achieve digital excellence using Smart Data & Cybersecurity solutions.
