Please fill in the form below to subscribe to our blog

Cyberattacks on Healthcare Targets Create a Public Health Risk

December 03, 2021
a white male hedoctor in a white lab coat touched icons on a transparent screen that represent security soncepts. Two are red to indicate trouble.

Cybersecurity Woes Plague Healthcare Workers and Impact Patient Care


Since the beginning of the global pandemic in 2020, organizations in the healthcare and healthcare-related sectors have found themselves in the sights of cybercrime operations. In 2020, 560 healthcare facilities were affected by ransomware attacks in 80 separate incidents. Opportunistic cybercriminals have taken advantage of the already epic stress on the entire healthcare ecosystem to deploy ransomware, conduct account takeovers and steal huge amounts of personally identifying information (PII) and protected health information (PHI). That sent many hospitals reeling, creating all sorts of negative impacts in their communities. 


Is someone’s behavior suspicious? Learn to spot trouble fast with 5 Red Flags That Point to a Malicious Insider at Work.  DOWNLOAD IT>>


Cyberattacks on Healthcare Targets Have Soared


In a September 2021 report, The Impact of Ransomware on Healthcare During COVID-19 and Beyond, researchers at the Ponemon Institute explored the impact of increased cybercrime during the global pandemic and the impact that cyberattacks including ransomware and third-party incidents had on patient-focused healthcare facilities around the world. Without ransomware in the mix, healthcare facilities reported that they’d seen a sharp increase in cyberattacks since March 2020.  


Increase in Types of Cyberattacks on Healthcare Targets Since March 2020 


  • Credential Theft 60%
  • Compromised/Stolen Devices 55%
  • Account Takeover 43%
  • Denial of Service (DDoS) 32%
  • Malicious Insider 30%
  • Advanced Malware/Zero-Day Attacks 29%
  • Web-Based Attack 23%
  • Cross-Site Scripting 21%
  • General Malware 19%
  • SQL Injection 18%

Healthcare data was a hot commodity during the pandemic. It is still highly desirable in the booming dark web data markets. The majority of respondents (60%) admitted that their HDOs had experienced a data breach in the past two years. On average, each breach incident exposed 28,505 records and cost an average of $837,750. In September 2020 alone, cybercriminals stole 9.7 million medical records. Cybercriminals were well aware that any data relating to COVID-19 treatments, outcomes, research or vaccine development was worth its weight in gold and they did not hesitate to snatch data from any healthcare-related target that they could infiltrate.


Causes of Breach in Healthcare Organizations 


  • Attack on a Cloud Application 23%  
  • Employee Phishing Attack 21%  
  • Attack on an On-Premises Application 19%  
  • Attack on an IOT Device 12%  
  • API Attack 10%  
  • Attack on a Medical Device 9%  
  • Other 2%  
  • Unsure 4% 

Learn how to defeat terrifying cybersecurity monsters to keep systems & data safe in a dark world! READ IT IF YOU DARE!>>


Pharma and Healthcare Were Ravaged by Ransomware


Ransomware ran rampant throughout 2020 and 2021, and no sector was more beleaguered than healthcare. Facilities researching COVID-19, particularly facilities involved in vaccine development, were especially at risk as cybercriminals sought to profit handsomely from stolen research data. Ransomware attacks were responsible for almost 50% of all healthcare data breaches in 2020. Just one week before the first vaccine announcements hit the press, cybercriminals were still at it, nailing Pfizer, Indian giant Dr. Reddy’s (Russia’s Sputnik Vaccine partner, and the Taiwan research arm of Japanese drugmaker Shionogi & Company Limited all in the same week. Microsoft identified the cybercriminals responsible as nation-state actors, Strontium, an actor originating from Russia, and two actors originating from North Korea that they referred to as Zinc and Cerium. Ransomware is the preferred weapon of nation-state threat actors. 

Of the 597 health delivery organizations (HDOs) analyzed in this survey, 42% had faced at least two ransomware attacks during the study term. One factor that has contributed to that boom is increased specialization among healthcare facilities and clinics as well as a push to outsource functions to lower operating costs, leaving healthcare targets particularly susceptible to third-party risk. Increased dependence on third-party service providers was named as a major source of ransomware threats by more than one-third (36%) of the survey respondents.  


Learn how to defeat terrifying cybersecurity monsters to keep systems & data safe in a dark world! READ IT IF YOU DARE!>>


Healthcare Orgs Aren’t Ready for Trouble and They Know It


However, the increase in ransomware danger for healthcare targets isn’t news to those who deal with healthcare IT. Over half of the HDOs that researchers analyzed weren’t feeling good about their prospects when it came to fighting off a ransomware attack before the pandemic hit, and they’re even less confident now that they’re navigating a pandemic-induced cybercrime inundation. Before COVID-19, 55% of respondents say they were not confident they could mitigate the risks of ransomware. In the age of COVID-19, 61% of respondents are not confident or have no confidence that they’re ready to fend off a ransomware attack.

 Just like every other business sector, healthcare targets also fell prey to more ransomware attacks in 2020 and 2021. Overall, 43% of the study respondents said that their HDOs experienced a ransomware attack in the last two years, sometimes more than one. Of the healthcare entities in the survey who experienced a ransomware attack, 67% said that their HDO was struck by one ransomware attack, and an unfortunate 33% of respondents said that their organizations had been hit with two or more ransomware attacks since March 2020.   


Make sure your clients have all the bases covered with the Computer Security To-Do Checklist! GET IT>>


Ransomware is Very Bad News for Patients Too


Ransomware attacks can impact a wide range of functions and operations at a healthcare facility. patient safety, data, and overall care availability. Survey respondents attributed negative impacts on patient outcomes and medical complications to ransomware incidents at their facilities. Respondents report that ransomware attacks had a significant impact on patient care, including a longer length of stay for patients, delays in procedures and tests, increases in patient transfers or facility diversions and an increase in complications from medical procedures and perhaps the most troubling, mortality rates. 


What Impact Does Ransomware Have on Patient Care? 


  • Longer length of stay 71% 
  • Delays in procedures and tests that result in poor outcomes 70% 
  • Increase in patients transferred or diverted to other facilities 65% 
  • Increase in complications from medical procedures 63% 
  • An increase in mortality rate 23% 

Ransomware Costs Patients Their Lives 


In IBM’s analysis of the impact that ransomware has on patient care, analysts cited two examples of patient mortality that are related to the complications of ransomware attacks on medical facilities.  

In September 2020, for instance, German authorities looked into the death of a woman following a ransomware attack against a hospital. The patient died after being diverted to another hospital located more than 30 km (18 miles) away from her intended destination, University Hospital Duesseldorf. The facility was dealing with a DoppelPaymer ransomware attack that prevented it from receiving her.  

In October, a woman in Alabama filed a lawsuit alleging a hospital had not informed her that a ransomware attack had disabled its computers. The lawsuit asserted that hospital personnel had given reduced care to her baby. The baby was born with a severe brain injury and later died. Attackers after money or health care data ended up with something far worse. 

Source: IBM, Security Intelligence, Hospital Ransomware Attacks Go Beyond Health Care Data 


Are you ready to slay the Monsters of Cybersecurity? This checklist tells you what you’ll need to succeed! GET CHECKLIST>>


Major Cybersecurity Pain Points Persist 


HDO’s are experiencing myriad pain points when it comes to cybersecurity, and third-party risk is a major source of them. When researchers asked the survey respondents what their biggest concerns were about cybersecurity regarding their third-party relationships, the possible adverse impact on patient care that they could experience due to third-party risks was their number one concern. Over half of organizations cited the possible impact of third-party cybersecurity problems on patient safety and care disruption as their chief concerns. The health and welfare of patients outweighed any other pain point, ranking higher than security threats like ransomware and or the possibility of a data breach

What Are the Biggest Third-Party Cybersecurity Risk Concerns for Healthcare Entities? 

  • Patient safety 54% 
  • Care disruption 53% 
  • Ransomware 45% 
  • Lawsuits 39% 
  • Cybersecurity breach of PHI data 36% 
  • Regulatory violations and fines 27% 
  • Intellectual property loss 25% 
  • Internal audit failure 19% 
  • Other 2%  

Dive into how to reduce your client’s risk of phishing fast with the tips in The Phish Files. DOWNLOAD NOW>>


Organizations are Taking Action and Spending Money 


Healthcare organizations aren’t just sitting on their hands and bemoaning their fates. They’re increasing their cyber resilience and making adjustments to their security strategies that will minimize threats to patient care and hopefully minimize damage and downtime. Over half of the surveyed HDOs (54%) have created a business continuity plan that included planned system outages in the event of a ransomware incident. HDOs are also stepping up their investment in tools to quickly overcome cyberattacks and ensure a speedy recovery. Survey respondents said that tat their organizations, those investments included cyber insurance and increased backups of business-critical systems. Many organizations have also allocated funds for emergency use in the event of a cybersecurity disaster.


What Actions Are Healthcare Organizations Taking to Mitigate Cyberattack Damage?


  • Making a business continuity plan that includes a ransomware incident 54% 
  • Buying cyber insurance that includes coverage for a ransomware attack 51% 
  • Auditing and increasing back up of data and systems 34% 
  • Allocating funds for a possible ransomware attack 23% 
  • Educating employees about security risks like ransomware 20% 
  • Making advance determinations about paying ransoms 18% 
  • Updating software on a regular basis 17% 
  • Other 3%  

Respondents from the surveyed HDOs said that their organizations are also taking action to reduce their exposure to third-party risk. Some organizations are choosing to upgrade their security including a move to more automated solutions. Over half of those surveyed said that their organizations have opted to call in experts to manage the problem. By and large, healthcare organizations are well aware that there’s a problem and they’re willing to spend money to solve it.  


What Actions Are HDOs Taking to Mitigate Third-Party Risk?  


  • Allocating more budget towards risk management 46%  
  • Increasing assessment coverage on new vendors 43%  
  • Hiring incremental security and/or risk analysts 32%  
  • Increasing the number of re-assessments on existing vendors 37%  
  • Looking for automated solutions to improve efficiency 44%  
  • Outsourcing part or all of the function to a managed services provider 50% 
  • Other (please specify) 3%  

Can you spot a phishing email? This infographic shows you how to detect one! DOWNLOAD IT>>


ID Agent Helps Organizations Reduce Risk and Spot Trouble Fast 


Protection from dark web danger with Dark Web ID gives your security team the confidence that they’ve got credential compromise threats handled.  

  • Dark web search finds every compromised company credential fast, enabling you to fix them before the bad guys can exploit them  
  • Monitoring with 24/7/356 human and machine intelligence ensures that your team knows exactly what your company’s dark web exposure risk is in real-time  
  • Leverage out-of-the-box integrations with popular PSA platforms, for a fast, frictionless alerting and mitigation process, so you never miss a security event. 

Rely on BullPhish ID to deliver comprehensive security awareness training that works and reduce your company’s chance of having to use your incident response plan by up to 70%.  

  • Don’t just train employees about phishing –get them up to speed on threats like ransomware, smart security behaviors and compliance too.  
  • Make training and tracking a snap with personalized portals for every user, enabling trainers to painlessly track and assign training.  
  • Use premade plug-and-play kits or customize your training materials to reflect the unique industry threats that employees face daily. 

Book a demo of our innovative, affordable solutions today! 


ransomware defense can be complicated by cryptocurrency risk

See how ransomware really works, who gets paid & what’s next in our tell-all Ransomware Exposed! DOWNLOAD IT>>