Healthcare Heartbeat 2024 Q4

Cybersecurity Trends and Threats in the Healthcare Sector

Health-ISAC’s 2024 Q4 Healthcare Heartbeat provides observations of ransomware, cybercrime trends, and malicious actor forum postings that could potentially impact healthcare sector organizations for situational awareness.

Health-ISAC observed a continuous trend of cyber security incidents and data breaches impacting healthcare over the past year. While ransomware events saw a slight decrease in Q3 of 2024, ransomware events continued to trend upward for 2024. VPN provider vulnerabilities and compromised credentials remained aconsistent theme that caused risk for organizations.

Health-ISAC provided 229 Targeted Alerts to specific Health-ISAC member organizations with potentially vulnerable infrastructure to help teams mitigate common vulnerabilities and exploits (CVEs) and actively exploit vulnerabilities. The most common themes included open and exposed databases, remote access tools, and a PAN-OS weakness.

TLP WHITE2024Q4HealthcareHeartbeat
Size : 3.2 MB Format : PDF

• Related Resources & News
• Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
• New Cybersecurity Policies Could Protect Patient Health Data
• CyberWire Podcast: PHP flaw sparks global attack wave
• Health-ISAC Hacking Healthcare 3-14-2025
• HSCC Aiming to Identify Healthcare Workflow Chokepoints
• New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
• Are Efforts to Help Secure Rural Hospitals Doing Any Good?
• CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
• 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
• Cobalt Strike takedown effort cuts cracked versions by 80%