Cybercriminals increasingly target hospitals with ransomware attacks (i.e., hackers infiltrate and encrypt electronic systems so that they're unusable unless victims pay to regain access). From 2016 to 2021, the annual number of ransomware attacks on healthcare providers more than doubled, with evidence that attacks caused increasingly severe operational disruptions.

News coverage suggests that ransomware attacks disrupt the delivery of health care, sometimes for weeks at a time. Ransomware attacks force hospitals to divert ambulances, cancel scheduled appointments/surgeries, switch to paper charting, and rely on memory when medication and allergy lists cannot be accessed via the electronic health record. These disruptions hinder the capacity of a hospital to deliver safe and effective care – and may result in harm to patients. For example, one ongoing lawsuit alleges that electronic monitoring outages during a ransomware attack led staff to miss signs of infant distress during labor, resulting in the baby's death.

This project will use a novel dataset of ransomware attacks on healthcare providers to better understand how this growing phenomenon affects rural hospitals. Specifically, we will test for differences in attack likelihood by rural/urban location. We will also use American Hospital Association survey data to quantify hospital-level factors associated with a lower likelihood of attack (i.e., preventive factors). Finally, we will use Medicare claims data to quantify rural/urban differences in how ransomware attacks affect patients and hospitals.

Publications

• Characteristics of Short-Term Acute Care Hospitals That Experienced a Ransomware Attack From 2016 to 2021
  Journal Article
  University of Minnesota Rural Health Research Center
  Date: 08/2023
  Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. In this paper, researchers compare the characteristics (including rurality) of ransomware-attacked and non-attacked hospitals in the U.S. in order to understand which hospitals may be most vulnerable to cybercrime.
• What Happens to Rural Hospitals During a Ransomware Attack? Evidence From Medicare Data
  Journal Article
  University of Minnesota Rural Health Research Center
  Date: 03/2024
  To understand more about how ransomware attacks affect care at rural hospitals, researchers used data on hospital ransomware attacks from 2016 to 2021. This paper describes how ransomware attacks disrupted hospital operations at rural and urban areas, and the implications for these attacks especially in rural areas.