They’re on edge from a plethora of cyber attacks against them.

According to the Institute for Security and Technology, about 300 hospitals have suffered ransomware attacks this year alone. Cyber experts say hackers typically see health care organizations as a prime target because hospitals are likely to pay ransom to keep critical health services up and running.

Two problems are buried in that simple characterization. One is the continued vulnerability of the hospital systems’ IT systems. Why does this vulnerability continue to exist? Charlie Regan, Nerds On Site CEO:

Cyber criminals trying to get into any network or system are incredibly well-funded and incredibly well-orchestrated, and they have a never-ending source of more creative and effective tools to breach systems[.]

Yes, countering, much less preempting, such attacks is hard. But “hard” means “possible,” and the hospital system IT managers don’t appear to be making much effort to get on top of their companies’ vulnerability—those 300 attacks in just the last several months seem to demonstrate this.

But the larger problem in that characterization is that hospitals are likely to pay ransom. Paying the ransom is nothing other than paying the hackers wages for their labor, aiding and abetting the hackers’ crimes, and increasing the vulnerability of others to hackers’ crimes by guaranteeing that their crimes don’t just pay; they’re lucrative.

Given that, I’m having a hard time summoning any sympathy for the hospital systems. They need to start taking their cyber vulnerabilities seriously.