« Information Technology
  

Holidays are Prime Times for Healthcare Cyberattacks

A study found that 86 percent of organizations that experienced ransomware attacks were targeted on a holiday or weekend.

By Jeff Wardon, Jr., Assistant Editor


The holiday season, a happy time to be enjoyed by all. However, amid the merriment there can be dangers lurking in the background, awaiting their chance to strike. Those threats will strike when one least expects them, creating havoc for unsuspecting facilities.  

A recent study from Semperis found that 72 percent of survey respondents were struck by a cyberattack on a holiday or weekend, with 86 percent of them being targets of ransomware. Additionally, 85 percent of organizations that run a 24/7 security operations center (SOC) reduce staffing levels on holidays and weekends by up to 50 percent, due to staffing challenges and increased overtime costs.  

“When attackers get inside a company’s systems, especially if it’s on a holiday weekend when staff is diminished, they may not be noticed right away,” Guido Grillenmeier, principal technologist (EMEA) at Semperis, said in the study. “Companies are less careful and more vulnerable during those periods, and attackers know that.” 

Related: Protecting the Healthcare Supply Chain from Cyberattacks

Similarly, 63 percent of respondents were attacked during a major corporate event such as a merger, acquisition or an initial public offering (IPO). A study by The University of Texas at Dallas also indicated mergers pose a unique threat to cybersecurity for the following reasons: 

  • System integration leads to gaps in security. 
  • Distraction and allocation of resources since mergers are a lengthy and resource-consuming process. 
  • Data migration can pose a threat if transmitted data is not secured properly. 
  • Integration of third-party vendors and partners can be an issue if they are not secure. 
  • Personnel changes since newer staff will be unfamiliar with pre-existing security protocols, which can lead to lapses in judgement and misconfigured systems. 
  • The Semperis study also found that 81 percent of respondents believe their expertise to be enough to protect against identity-related cyberattacks. However, 83 percent of respondents were victims of a successful ransomware attack in the past 12 months. 

To top things off, the study also found 40 percent of respondents either have no budget or are not sure whether they have a budget dedicated to defending core identity systems. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



December 19, 2024


Recent Posts

Case Study: How NYU Langone Rebuilt for Resilience After Superstorm Sandy

Although the damage was severe, it provided a valuable opportunity for NYU Langone to assess structural vulnerabilities and increase facility resilience.

Frederick Health Hospital Faces 5 Lawsuits Following Ransomware Attack

The lawsuits accuse FHH of inadequate cybersecurity, poor breach notification and failing to protect patients from identity theft risks.

Arkansas Methodist Medical Center and Baptist Memorial Health Care to Merge

They have signed a non-binding letter of intent to complete a shared mission agreement to merge the two organizations.

Ground Broken on Intermountain Saratoga Springs Multi-Specialty Clinic

The clinic is scheduled to open and start seeing patients in the fall of 2026.

Electrical Fire Tests Resilience of Massachusetts Hospital

Signature Healthcare Brockton Hospital used opportunity to renovate key systems and components and expand facility operations.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.