Rural US hospitals are losing the fight against ransomware due to limited resources compared to bigger organizations.

According to Cyberscoop, witnesses testified in a recent Senate Homeland Security and Governmental Affairs Committee meeting that smaller hospitals are struggling to combat ransomware attacks. In most cases, while there is plenty of information available to help organizations, the issue stems from a lack of resources, including qualified cybersecurity personnel.

“We also saw cybercriminals shift their focus to small and rural hospitals with this group lagging behind in strengthening their defenses,” said Kate Pierce, senior virtual information security officer at cybersecurity firm Fortified Health Security. “Our rural hospitals are facing unprecedented budget constraints with up to 30% or more in the red, with the public health emergency scheduled to end in May.”

Unfortunately, the issue is only going to get worse as bad actors exploit small hospitals’ vulnerability. Some are even stepping up the pressure on smaller hospitals specifically, posting patient information — including nude examination photos — online in an effort to force hospitals to pay up.

“In recent years, increasingly sophisticated cyberattacks in the healthcare and public health sectors posed alarming threats to people in Michigan, as well as across the country,” said Committee Chairman Gary Peters, D-Mich.