Characteristics of short-term acute care hospitals that experienced a ransomware attack from 2016 to 2021.

ABSTRACT

As cybercrime increasingly targets the health care sector, hospitals face the growing threat of ransomware attacks. Ransomware is a type of malicious software that prevents users from accessing their electronic systems-demanding payment to restore access. In response, momentum is gathering to enact policy that will help hospitals strengthen their cybersecurity defenses. However, to design effective policy, it is crucial to understand the characteristics of hospitals associated with the risk of ransomware attack. In this paper, we compare the characteristics of ransomware-attacked and non-attacked short-term acute care hospitals in the United States. Using data from the American Hospital Association's Annual Survey and the Healthcare Cost Report Information System, we found that ransomware-attacked hospitals were larger, had higher net operating revenue, were more likely to be financially profitable, and more likely to provide trauma, emergency, and obstetric care than non-attacked hospitals. Measures of information technology sophistication did not vary between ransomware-attacked and non-attacked hospitals. These results can be used to tailor policy interventions in order to most effectively respond to and prevent cybercrime in health care.