Please fill in the form below to subscribe to our blog

Blizzard of HHS Warnings Underlines Healthcare Cyberattack Danger

September 08, 2022
healthcare cyberattack danger

Healthcare Cyberattacks Are Emerging from Many Directions


The healthcare sector has experienced many challenges in the last few years while contending with the global pandemic. Cybersecurity is one of those challenges. The U.S. Department of Health and Human Services (HHS) has been sounding the alarm about healthcare cyberattacks and elevated risk in recent weeks with a flurry of warnings about the danger that healthcare organizations face. That danger is coming from a wide variety of directions including Internet of Things (IoT) devices, evolving ransomware threats, cloud services and phishing, creating danger for both healthcare providers and patients.  


Finding the fix for your security & compliance training challenges is easy with our buyer’s guide! GET YOUR GUIDE>>


What threats are experts warning the healthcare sector about? 


HHS has delivered several warnings in Q3 2022 about the cybersecurity risks that healthcare organizations are facing right now. 

  • August 4: HHS Health Sector Cybersecurity Coordination Center (HC3) issued a warning that healthcare organizations need to take steps to mitigate cybersecurity risks associated with Internet of Things (IoT) devices. The warning is intended to raise awareness that IoT devices may be targeted by criminals as a means to steal credentials and data. 
  • August 9: HC3 sounded the alarm about possible security risks associated with cloud services and providers. The warning draws attention to the potential for danger from directions hat healthcare organizations may not be expecting such as human error, external threats from malicious actors and cloud infrastructure itself. 
  • August 10: HC3 warned healthcare organizations of a particularly dangerous phishing campaign, known as Evernote. This phishing campaign aims to steal credentials by persuading victims to download a malware-laden file.  
  • August 11: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Federal Bureau of Investigation (FBI)  issued a joint warning about Zeppelin ransomware. This malware has been frequently used to hit organizations in the healthcare sector.  
  • August 24: HC3 warned that the Karakurt ransomware group has been actively targeting U.S. healthcare organizations since June 2022. The group is responsible for four attacks on healthcare sector entities including an assisted living facility, a dental firm, a healthcare provider, and a hospital.
  • August 29: A fresh alert from HC3 shines a light on risk presented by Evil Corp, a cybercrime organization with ties to the Russian government. The group has been snatching intellectual property from the U.S. healthcare sector on behalf of the Russian government. The alert particularly focused on warning about the Dridex trojan. This well-known tool of Evil Corp can compromise the confidentiality of data and snarl operational systems.  

Can you spot a phishing message? This infographic points out red flags to watch for to sniff them out! DOWNLOAD IT>>


Healthcare cyberattacks & data breaches are constantly rising 


The Cynerio and Ponemon Institute report The Insecurity of Connected Devices in HealthCare 2022 details some of the pressing risks that healthcare organizations face. The biggest takeaway is that a shocking 56% of healthcare organizations have fallen victim to at least one cyberattack in the last 24 months, and 82% of those victimized organizations were hit again quickly. When that cyberattack ends in a data breach, healthcare sector entities are in for a world of hurt. This year’s IBM Cost of a Data Breach 2022 report definitively shows that the industry with the highest data breach cost is healthcare. The cost of a data breach at a healthcare organization was almost twice the cost of the number two sector, finance.  The average cost of a healthcare data breach rose substantially in 2022 to a record high of $10.1 million, which is 9.4% more than in 2021 and 41.6% more than in 2020. 

Number of Data Breaches Experienced  

Source: Cynerio


Get 10 tips to help you build a strong security culture & reduce your risk of cybersecurity trouble! GET INFOGRAPHIC>>


Ransomware attacks are particularly dangerous for hospitals and patients


One of the alerts that HHS released about the rising tide of healthcare cyberattacks is specifically ransomware-related, drawing attention to the activities of nation-state-aligned cybercrime group Evil Corp and its deployment of Dridex malware, a strain that it developed that has been spectacularly effective against targets in the banking and finance sector. Dridex is usually distributed through phishing emails containing malicious Word or Excel attachments. In a Dridex malware scenario, when an employee opens an attachment infected with the malware and takes certain prompted actions like enabling macros, the malware is downloaded and installed on the victim’s device.  

Any healthcare cyberattack is a problem, but a ransomware attack against a healthcare target has the potential for devastating consequences both for the organization and the patients that it serves. Bad actors know that healthcare organizations cannot afford downtime, making them an attractive ransomware target. Almost half of the healthcare organizations surveyed, 43%, said that they had experienced a ransomware attack in the past 24 months. Digging deeper, researchers determined that more than three-quarters of the healthcare organizations in this study had experienced three or more ransomware attacks within the last 24 months.   

Number of Ransomware Attacks Experienced  

Source: Cynerio


See cybercrime trends & the results of thousands of phishing simulations in The Global Year in Breach 2022. DOWNLOAD IT>>


Cyberattacks on healthcare organizations raise mortality rates


A ransomware attack can complicate operations at a hospital, clinic or specialty care center in many negative ways, including by increasing mortality rates. In the Ponemon/Cynerio study, researchers determined that almost half of the cyberattacks on healthcare organizations that they studied had a serious adverse impact on patient care. An estimated 45% of IT professionals at healthcare organizations say that they’ve seen a correlation between attacks on IoT devices and patient care challenges. Digging deeper, they also determined that one-quarter of cyberattacks of any kind that healthcare entities like hospitals, clinics and specialty centers have experienced in the last two years directly resulted in increased mortality rates at those institutions.  

Adverse Impacts of a Successful Cyber Attack on Patient Care  

Source: Cynerio


See the top 5 risks businesses face from nation-state cybercrime and how to stay out of trouble. GET LIST>>


Reduce Healthcare Cyberattack Risk with This Power Pair 


It’s imperative that healthcare organizations adopt a strong security posture in this volatile risk environment. This winning pair of powerful security solutions gives organizations tools that help reduce the chance of a costly data breach and mitigate other healthcare cyberattack risks affordably  


Security Awareness Training     


 CISA recently recommended that companies step up their security awareness training programs to combat the current flood of ransomware threats.  It’s the right move to make – Venture Beat reports that 84% of businesses in a recent survey said that security awareness training has reduced their phishing failure rates, making their employees better at spotting and stopping phishing, the gateway to most of today’s nastiest cyber threats.       

BullPhish ID is the perfect solution to use to make that happen!      

  • A huge library of security and compliance training videos with 4 new lessons added a month!     
  • Choose from plug-and-play or customizable phishing training campaign kits     
  • Automation makes training painless for everyone 

Dark Web Monitoring   


Cybercriminals can do a lot with a compromised credential, like steal data and deploy ransomware. Compromised credentials are easy to obtain on the dark web and they open so many doors. An estimated 60% of data breaches involved the improper use of credentials in 2021.  

Dark Web ID is the answer.    

  • 24/7/365 monitoring using real-time, analyst-validated data     
  • Monitoring of business and personal credentials, including domains, IP addresses and email addresses     
  • Gain priceless peace of mind about dark web dangers 

dark web threats

Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>