Cyberattacks in Healthcare: Rising Threats and Costly Consequences

Healthcare organizations are facing an unprecedented wave of cyberattacks, with severe financial and operational repercussions. A recent survey by cybersecurity firm Netwrix reveals the extent of the problem and its far-reaching impacts on the industry.

Widespread Attacks and Financial Losses

More than 80% of healthcare organizations detected a cyberattack on their technology infrastructure within the past year, according to the Netwrix survey. The healthcare sector appears to be particularly vulnerable to financial losses resulting from these attacks, with nearly 70% of healthcare companies reporting financial damage compared to 60% in other industries.

The scale of these losses can be staggering. UnitedHealth-owned Change Healthcare, a claims processor and technology firm, suffered a massive cyberattack that exposed the data of 100 million people and cost the parent company $3.1 billion. Similarly, Ascension, a nonprofit health system, experienced a breach compromising information from 5.6 million people, contributing to a $1.1 billion net loss during its 2024 fiscal year.

Leadership Changes and Legal Consequences

The aftermath of cyberattacks in healthcare extends beyond immediate financial losses. One in five healthcare organizations reported a change in senior leadership following an attack, while 19% faced lawsuits. Ilia Sotnikov, Security Strategist at Netwrix, explained that the highly regulated nature of the healthcare industry leads to more penalties for noncompliance and potential lawsuits from affected individuals.

The pressure to demonstrate a commitment to improving security may drive these leadership changes. Protected health data breaches often contain sensitive details that attract media and public attention, further intensifying the scrutiny on healthcare organizations.

Common Attack Vectors and Vulnerabilities

Phishing remains the most common type of cyberattack targeting healthcare technology systems stored on premises, mirroring trends in other industries. However, cloud infrastructure faces a different threat landscape, with nearly three-quarters of attacks on healthcare organizations' cloud systems caused by compromised user or administrator accounts.

Dirk Schrader, vice president of security research at Netwrix, highlighted the unique challenges facing healthcare workers: "Healthcare workers regularly communicate with many people they do not know — patients, laboratory assistants, external auditors and more — so properly vetting every message is a huge burden. Plus, they do not realize how critical it is to be cautious, since security awareness training often takes a back seat to the urgent work of taking care of patients."

As healthcare organizations continue to grapple with these evolving cyber threats, the industry faces mounting pressure to bolster its defenses and mitigate the potentially devastating consequences of successful attacks.