Ransomware attacks threaten rural hospitals | HIMSS 2025

Las Vegas – Some of America’s largest hospitals systems have suffered serious and costly disruptions from cyberattacks.

But for rural hospitals, cyberattacks pose even more serious difficulties.

Rural hospitals suffer serious financial damage that they can ill afford from cyberattacks, according to a new report released by Microsoft Wednesday.

Hospitals lose $1.9 million per day on average for each day of downtime following a ransomware attack, according to the Microsoft report. The typical ransomware attack can leave hospitals without access to key electronic services, including electronic health records, for up to 18 days, the report states.

Retired Army General Paul Nakasone, the former leader of the U.S. Cyber Command charged with overseeing the federal government’s cybersecurity efforts, said the report offered a chilling look at the dangers of ransomware attacks to rural hospitals.

“It is a devastating portrayal of what rural hospitals today face with regards to the challenges of ransomware,” Nakasone said in his keynote address at the HIMSS Conference.

In some respects, it’s not hard to see why ransomware groups would go after rural hospitals. Smaller hospitals that have less money to invest in technology and are less likely to be able to defend against sophisticated cyberattacks, industry experts have said.

“These rural hospitals have limited funds, have limited capabilities, and they are often the target of ransomware actors,” Nakasone said.

Cybersecurity analysts say rural hospitals and smaller facilities are enticing targets, because it’s an easier payday, even if the facilities won’t be able to pay a big ransom. For ransomware groups, the return on investment is still high.

For the rural hospitals that suffer breaches, the financial damage is the last thing that they need. Many rural hospitals are grappling with daunting financial problems.

Half of America’s rural hospitals are losing money, according to a 2024 analysis from the Chartis Center for Rural Health. More than 700 rural hospitals, or 31% of the country’s rural hospitals, are facing the possibility of shutting down, according to a 2024 report from the Center for Healthcare Quality & Payment Reform.

The Microsoft report cited a 2020 ransomware attack of Sky Lakes Medical Center, a 90-bed rural hospital in Oregon. The hospital refused to pay the ransom, and its networks were down for 28 days. The hospital had to repair or replace 2,500 computers.

Microsoft has launched a cybersecurity program aimed at rural hospitals, offering free security assessments and resources to help facilities improve their defensive capabilities. Microsoft says more than 500 rural hospitals are participating in the program and more than 375 have received cybersecurity assessments.

In an analysis of the assessments of more than 250 rural hospitals, Microsoft found several vulnerabilities. More than two-thirds of rural hospitals (69%) have struggled with multi-factor authentication, 65% have struggled with email security, and 62% have challenges with network segmentation. One in three rural hospitals (33%) need stronger cybersecurity requirements of their vendors and partners.

Hospital leaders have implored the federal government to provide more cybersecurity funding and support to hospitals, noting that many smaller hospitals and rural facilities don’t have the resources to invest in the technology needed to defend their systems.

Some healthcare leaders and industry analysts have said that they are hoping President Trump will offer more funding for cybersecurity. Tom Leary, senior vice president and head of government relations at HIMSS, said he sees that as a possibility.

“I would anticipate that the Trump administration will lean forward on cybersecurity,” Leary said.

More from Chief Healthcare Executive

Cybersecurity panel: How hospitals can protect their patients and systems

How a rural health system improved its cybersecurity