How to Address Healthcare’s Cybercrime Problem
The healthcare industry remains a prime target for cybercrime, with many prominent organizations falling victim to serious attacks.
In February 2024, Change Healthcare was infiltrated by cybercriminals who obtained the sensitive health data of potentially hundreds of millions of people. A few months later, an intruder hacked into the electronic health record system of Ascension, stealing the personally identifiable information (PII) of an undisclosed number of patients. These two incidents were very expensive and caused disruptions in various essential services. Change Healthcare, for example, has stated the incident will cost them more than $2.3bn so far in 2024. Both attacks also featured some of the most common cybercrime tactics, including phishing and ransomware. To protect themselves from a similar fate, healthcare organizations would be wise to know what kinds of attacks to look out for and why they continue to be effective. This article by Errol Weiss, Health-ISAC chief security officer, covers the top four methods of attack on health sector organizations and basic protocols to implement to prevent them.
- Related Resources & News
- Health-ISAC Hacking Healthcare 2-3-2025
- Exploring the Cybersecurity Roles of Manufacturers and Healthcare Organizations During the Medical Device Lifecycle
- Impacts of Proposed US Import Tariffs on the Global Health Sector
- NY Blood Center Attack Disrupts Suppliers in Several States
- 2025 Newsletter – February
- DeepSeek’s Security Risk Is A Critical Reminder For CIOs
- Threat Bulletin: SimpleHelp RMM Software Leveraged in Exploitation Attempt to Breach Networks
- EU Commission Calls for Health Sector ‘Cyber Action Plan’
- How to Manage Cyber Risk of Medical Devices – for Life
- Health-ISAC Hacking Healthcare 1-24-2025