Ransomware Attacks on Rural Hospitals

Research center:
Lead researcher:
Project funded:
September 2022
Anticipated completion date:
August 2024

Cybercriminals increasingly target hospitals with ransomware attacks (i.e., hackers infiltrate and encrypt electronic systems so that they're unusable unless victims pay to regain access). From 2016 to 2021, the annual number of ransomware attacks on healthcare providers more than doubled, with evidence that attacks caused increasingly severe operational disruptions.

News coverage suggests that ransomware attacks disrupt the delivery of health care, sometimes for weeks at a time. Ransomware attacks force hospitals to divert ambulances, cancel scheduled appointments/surgeries, switch to paper charting, and rely on memory when medication and allergy lists cannot be accessed via the electronic health record. These disruptions hinder the capacity of a hospital to deliver safe and effective care – and may result in harm to patients. For example, one ongoing lawsuit alleges that electronic monitoring outages during a ransomware attack led staff to miss signs of infant distress during labor, resulting in the baby's death.

This project will use a novel dataset of ransomware attacks on healthcare providers to better understand how this growing phenomenon affects rural hospitals. Specifically, we will test for differences in attack likelihood by rural/urban location. We will also use American Hospital Association survey data to quantify hospital-level factors associated with a lower likelihood of attack (i.e., preventive factors). Finally, we will use Medicare claims data to quantify rural/urban differences in how ransomware attacks affect patients and hospitals.


Publications