Ransomware is becoming a more prevalent threat actor, targeting and infecting 38 percent of healthcare IT professionals.

Results from a Varonis Systems study of over 100 healthcare IT pros showed that of the respondents infected with ransomware, the biggest change has been to increase security education for employees.

Almost half (47 percent) detected their ransomware hack from a pop-up saying the files had been infected. Only 26 percent were caught by a security technology and 18 percent noticed by IT personnel.

Nearly all (94 percent) had endpoint protection in place on the infected workstations. Half of all respondents (50 percent) had to manually inspect file shares in order to look for signs of infection to determine which users/systems had been infected and which files were encrypted.

Under a quarter (15 percent) are lessening employee access based on a need-to-know/least privilege model and 14 percent enhanced auditing, analysis and alerting of employee file usage. Meanwhile, 12 percent are investing in other security technologies and 34 percent have increased security education for employees.

“Ransomware is spreading rapidly, which is scary when you consider it is one of the few malwares that makes itself known to the infected end user or system to pay up for the encrypted files,” said David Gibson, VP of strategy and market development at Varonis.