Healthcare Heartbeat Q3 2023

Cybersecurity Trends and Threats in the Healthcare Sector
Health-ISAC’s Q3 2023 Healthcare Heartbeat provides observations of ransomware, cybercrime trends, and malicious actor forum postings that could potentially impact healthcare sector organizations. This product is for your situational awareness, and Health-ISAC recommends members affiliated with the victim companies
or those potentially impacted take appropriate measures to secure critical infrastructure.
If Health-ISAC becomes aware of an imminent threat to members of the healthcare sector, the information will be communicated directly with the impacted organization.
Health-ISAC will continue to monitor this activity and provide relevant updates when necessary. If you have any questions or comments, please email us at contact@h-isac.org. The TLP:GREEN version of the Healthcare Heartbeat is available for Members within the portal.
The White Paper Includes:
- Ransomware Attacks Against Healthcare
- Healthcare Sector Analysis: DICOM Exposure Statistics and RDP Exposure Statistics
- Healthcare Sector Statistics: Global Events Analysis
- Threat Actor Profile: BlackCat/ALPHV Ransomware Group
- Recommendations and References
Health-ISAC observed a continuous trend of cyber security incidents and data breaches impacting healthcare over 2021, 2022, and 2023. In 2021, according to Health-ISAC tracking, the average number of healthcare sector ransomware incidents per quarter was 30. In 2022, that number rose slightly to over 32 per quarter. In contrast, the number of ransomware incidents in the healthcare sector in 2023 has increased dramatically, largely due to the Progress MOVEit file transfer vulnerability.
Downloadable PDF
- Related Resources & News
- Health-ISAC Hacking Healthcare 2-3-2025
- Exploring the Cybersecurity Roles of Manufacturers and Healthcare Organizations During the Medical Device Lifecycle
- Impacts of Proposed US Import Tariffs on the Global Health Sector
- NY Blood Center Attack Disrupts Suppliers in Several States
- 2025 Newsletter – February
- DeepSeek’s Security Risk Is A Critical Reminder For CIOs
- Threat Bulletin: SimpleHelp RMM Software Leveraged in Exploitation Attempt to Breach Networks
- EU Commission Calls for Health Sector ‘Cyber Action Plan’
- How to Manage Cyber Risk of Medical Devices – for Life
- Health-ISAC Hacking Healthcare 1-24-2025