Cyber Threats Targeting the Healthcare Sector: Urgent Call for Action

Increasing Cyber Threats in the Healthcare Sector



Check Point Software Technologies Ltd. has recently warned about a surge in cyber attacks on the healthcare sector, as highlighted by its threat intelligence division, Check Point Research (CPR). The alarming data underscores the severe risks posed to public health due to insufficient cybersecurity measures.

The Healthcare Sector as a Prime Target



According to CPR's findings, healthcare organizations have become one of the sectors most frequently targeted by cybercriminals globally. Since the beginning of 2025, hospitals have experienced an average of 2,309 cyber attacks per organization per week, a staggering 39% increase compared to the previous year. The Asia-Pacific (APAC) region tops the list, with an average of 3,957 attacks weekly per organization, reflecting a 7% increase. North America, meanwhile, has witnessed an unprecedented 57% increase, leading to an average of 2,110 weekly attacks per organization.

The primary reason healthcare is a major target is its critical nature. Any downtime or breach can lead to delayed treatment and pose life-threatening risks. Authorities like the FBI and Interpol have warned that hospitals are increasingly viewed as primary targets for ransom attacks. From ransomware targeting healthcare facilities in Newfoundland to malware that incapacitated the Hillel Yaffe Medical Center in Israel, the trend is prevalent and growing.

The Impact of Cyber Attacks



Most breaches within the healthcare sector are not attributed to sophisticated zero-day attacks but rather to phishing attempts, unpatched systems, and improperly configured networks. Although these causes are preventable, preventive measures are not prioritized. Cyber hygiene deficiencies exacerbate cascading failures within healthcare environments. The result? Critical systems such as electronic health records, diagnostic tools, and scheduling software become non-functional, pushing staff to resort to manual processes. This leads to treatment delays, changes in surgery schedules, and emergency transfers, directly affecting patient outcomes and potentially increasing mortality rates.

In addition to immediate disruptions, these attacks dramatically compromise patient safety and trust. When medical staff cannot access accurate data, the likelihood of medical errors rises and public trust in reliable healthcare provision erodes. This is particularly concerning given the rising incidence of double extortion tactics, in which sensitive data is also breached.

The ramifications extend beyond immediate chaos; staff morale, financial stability, and future preparedness are also compromised. Extended crises force healthcare facilities to divert resources from patient care to recovery efforts, escalating employee stress levels. Repeated breaches undermine long-term resilience, causing hospitals to be perceived as easy targets for future attacks, thus eroding the foundation of public healthcare systems.

The Crux of the Crisis: Lack of Cyber Hygiene



The root of this crisis lies in the pervasive absence of cyber hygiene within healthcare facilities. Many institutions rely on a combination of fragmented and outdated infrastructures. This mix of legacy systems and modern technology is not designed to operate safely together. A significant portion of medical devices are not designed with security in mind, and many of them remain outside effective IT oversight, resulting in an ever-expanding attack surface that traditional protective methods cannot adequately address.

This situation becomes even more critical in developing countries with limited resources. Tightened budgets lead directly to antiquated systems, insufficient staff training, and few means to protect patient data. Consequently, healthcare facilities in low-income areas become prime targets for cybercriminals, perpetuating a vicious cycle of attacks and defense shortcomings that jeopardize healthcare provision and public trust alike.

Growing Risks from Connected Medical Devices



Particularly concerning are the increasing attacks on always-connected medical devices such as pacemakers, insulin pumps, and imaging equipment. According to the “2023 State of Cybersecurity for Medical Devices and Healthcare Systems Report” from Health-ISAC, Finite State, and Securin, over 1,000 vulnerabilities were identified in medical devices this year, yet only 15% of manufacturers have implemented a public vulnerability disclosure program.

With the Internet of Medical Things (IoMT) serving as an unguarded entry point, attackers can instigate chaos without needing to infiltrate the hospital's network. The sophistication of cybercriminal tactics has evolved, targeting not just networks and databases but increasingly focusing on medical devices as well. A stark example is the 2017 WannaCry ransomware attack, which infected 1,200 diagnostic devices, forcing even more equipment into temporary inactivity to contain the spread. Reports from the UK's National Audit Office highlight that this attack caused several emergency departments to close and required patient transfers to other hospitals—cancelling over 19,000 appointments across various NHS facilities.

Attacks by ransomware groups have also delayed life-saving medical services by locking down radiation-related systems and encrypting diagnostic data. This demonstrates that these issues extend beyond mere data breaches; they directly endanger patient safety.

Preventive Measures: The Best Medicine



As the risks and threats to the healthcare industry escalate, so do the protective measures. Healthcare providers don't need to succumb to the whims of cybercriminals. To fortify cyber resilience in the healthcare sector, Check Point recommends five crucial strategies:

1. Employee Training: Phishing continues to be a leading entry point for attacks. Ongoing training for staff is essential, and solutions like Check Point Harmony Email & Collaboration should be implemented.

2. Achieving Complete Visibility: Unmonitored devices are high-risk. Inventory all assets, including cloud, IoT, and legacy technologies, and assign risk scores.

3. Network Segmentation and Isolation: Use zero-trust segmentation to prevent lateral spread during an incident. Design security measures that anticipate breaches.

4. Implementing Prevention-First Security Measures: Prepare tools that go beyond detection, utilizing AI-powered solutions to block attacks before they execute.

5. Unified and Integrated Security: Silos create risk factors. Integrated platforms, such as Check Point Infinity, offer comprehensive end-to-end protection across various users, devices, and data sets.

This press release is based on a blog published on April 7, 2025, US time.
