Rubrik Data Security Report: Ransomware Still Wreaks Havoc, Especially in Healthcare

Earlier predictions of a decline in ransomware attacks have not been borne out, and organizations in the healthcare sector -- where sensitive data abounds -- are being hit particularly hard, according to a new report from Zero Trust data security specialist Rubrik.

Rubrik Zero Labs' new “The State of Data Security: Measuring Your Data's Risk” report focuses on three key topics: cloud, ransomware and healthcare. As noted above, the latter two are closely intertwined.

Noting the healthcare sector's disproportionate amount of sensitive data, Rubrik observed the outsized impacts of cyberattacks in that space:

  • Ransomware attacks against observed healthcare organizations have an estimated impact of almost five times more sensitive data than the global average.
  • This equates to an estimated 20 percent of a typical healthcare organization's total sensitive data holdings impacted every time there is a successful ransomware encryption event, compared to 6 percent for an average organization.
  • Virtualization really matters for healthcare and ransomware: 97 percent of all encrypted data in Rubrik-observed healthcare organizations last year occurred within virtualized architecture, compared to 83 percent across all industries.

Moreover, in the healthcare field, ransomware can literally be a life-or-death concern, with the report displaying a graphic illustrating how ransomware fallout directly contributed to at least 42 deaths in the U.S.

[Figure: Deadly Consequences (source: Rubrik).]

As for the other key topics of the report, the cloud and ransomware in general, an April 30 news release summarized the findings:

  • As Cloud Becomes More Widely Adopted, New Security Blind Spots Emerge:

    The report said: "The existence of commercially available clouds can now be measured in decades. Yet, confusion about cloud data security remains. The cloud is targeted with more frequency -- and more success -- than its on-premises counterparts. It also contains blind spots making it difficult to defend."

    Data points include:

    • Organizations are becoming more dependent on the cloud. In 2023, Rubrik observed that cloud architecture stored 13 percent of an organization's data, compared to 9 percent in 2022. Comparatively, on-premises declined from 77 percent in 2022 to 70 percent in 2023.
    • Of the external organizations victimized in a cyberattack in 2023, many were attacked across multiple aspects of their hybrid environment with 67 percent of attacks impacting SaaS data, 66 percent for the cloud, and 51 percent for on-premises locations.
    • The cloud comes with inherent risk based on security blind spots and vulnerable sensitive data, according to Rubrik Telemetry:
      • Blind spot #1: 70 percent of all data in a typical cloud instance is object storage, which typically has a far lower security coverage compared to other areas.
      • Blind spot #2: 88 percent of all data in object storage is not confirmed as machine readable or covered by prominent security technologies and services.
      • Blind spot #3: More than 25 percent of object storage data is subject to regulatory or legal requirements, such as protected health information (PHI) and personally identifiable information (PII).
  • Ransomware Continues to Wreak Havoc across Organizations -- and IT and Security Teams:

    The report said: "With few exceptions, healthcare organizations produce and store more sensitive data and are subject to more regulatory scrutiny than other industries. A fringe benefit of the regulatory pressures on healthcare is more publicly available data to study."

    Data points include:

    • 94 percent of IT and security leaders reported their organization experienced a significant cyberattack last year, and on average faced 30 attacks in that timeframe. One-third of these victims endured at least one ransomware attack.
    • 93 percent of external organizations that endured a ransomware attack reported paying a ransom demand, with 58 percent of these payments motivated primarily by threats to leak stolen data.
    • 96 percent of senior IT and security leaders reported changes to their emotional and/or psychological state as a direct result of a cyberattack, with 38 percent worrying over job security.
    • Leadership changes increased following cyberattacks, reported by 44 percent of organizations -- up from 36 percent in Rubrik Zero Labs' Fall 2022 report “The State of Data Security: The Human Impact of Cybercrime.”

"Despite the fallout of cyberattacks dominating headlines, data risk is an issue that continues to be murky -- especially in terms of what security teams can actually change and what they cannot," said Steven Stone, head of Rubrik Zero Labs. "With this report, we aim to provide quantifiable insights that IT and security leaders can bring back to their organization to drive greater cyber resilience -- in particular with their partners in the business and governance teams. The more we talk about cyber threats like ransomware, and its impact on industries like healthcare, the more we can collaborate to minimize the risk calculus and ultimately beat cyber attackers trying to impede our businesses."

The report is based on Rubrik's own telemetry and a survey conducted by Wakefield Research, which polled more than 1,600 IT and security leaders, about half of whom are CIOs and CISOs, at companies of 500 or more employees. The research was conducted in the U.S., UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore and India between Jan. 18 and Jan. 30, 2024. None of the polled organizations are existing Rubrik clients.

About the Author

David Ramel is an editor and writer for Converge360.