Frequent ransomware attacks in healthcare and public health sectors elevate security threats to OT/IoT environments

Industrial Cyber reached out to experts in the healthcare sector to assess the manner in which ransomware attacks affect the OT/IoT environments across the healthcare and public health sectors.

“For the most part, when it comes to ransomware in the OT/IoT space, the health sector has mainly been affected by attacks against third party suppliers,” Denise Anderson, president and CEO of the Health Information Sharing and Analysis Center (H-ISAC), told Industrial Cyber. “For example, during the COVID-19 pandemic, organizations that pharmaceutical manufacturers relied on for packaging vaccines and therapeutics experienced ransomware attacks, which halted operations and impacted packaging supply and ultimately the distribution of vaccines and therapeutics,” she added.

Organizations in the healthcare and public health sectors are facing an increasing number of ransomware attacks, often leaving hospital networks vulnerable. With these adversaries lurking around in the OT/IoT environments, they have become considerably more capable of executing significant attacks at scale while also taking advantage of the growing success of the ransomware-as-a-service (RaaS) model.

The healthcare and public health sectors remain a top attack vector for cybercriminals and ransomware threat groups. However, hackers are shifting their focus to smaller entities that truly have a deficit in cyber defenses, showing a huge change in victims and approach. Additionally, changes in government regulations, a massive revolution in connectivity of medical devices and mobile technology, and transformation in how care is delivered and consumed have come together to form a perfect storm of complexity and vulnerability, which cyber adversaries target.

Link to full article in Industrial Cyber:

https://industrialcyber.co/features/frequent-ransomware-attacks-in-healthcare-and-public-health-sectors-elevate-security-threats-to-ot-iot-environments/

• Related Resources & News
• New HIPAA Cybersecurity Rules Pull No Punches
• What’s in HHS’ Proposed HIPAA Security Rule Overhaul?
• Cyber Threats Know No Borders
• Health-ISAC Hacking Healthcare 1-10-2025
• Google’s rural healthcare cybersecurity initiative
• Gen Z is stealing your health data—and the consequences may be worse than you think
• Left to Our Own Devices Podcast #71: Errol Weiss
• 2025 Newsletter – January
• The Year Ahead: What Can We Expect Within the Cybersecurity Landscape?
• Defending Healthcare Facilities Against Ransomware Attacks