Richard Blech

Protecting Healthcare Systems from 3 Major Cyber Threats

The persistent cost of digitizing industries is the ever-present cyberattack. This is especially true for the healthcare industry, which has been a favorite target of malicious actors.

According to research, the healthcare sector was second only to the manufacturing and utilities sector with 78 compromises and over 7 million victims this year, through September 2021. And these figures apply only to those breaches that were publicly disclosed. The shift to remote care during the Covid-19 pandemic has only heightened the cybersecurity threat to healthcare systems as attackers seek to leverage the vulnerabilities of the technologies that make remote care possible.

Here are the three main cyberthreats targeting healthcare systems:


Third-party vendors, such as those that provide medical, IT, billing, supply chain or management services, were responsible for 20 percent of the healthcare data breaches that occurred in 2018. Since then, that percentage has increased. One recent example of vendor compromise is the ransomware attack on a billing and IT solutions vendor that serviced Anthem and Humana, impacting at least 4,000 patients. Healthcare systems are a series of interconnected networks, and these networks increasingly include those of the third-party vendors on which they rely for essential services. The vendors are attack vectors that malicious actors will continue to use to gain access to the sensitive data of healthcare systems.


Ransomware attacks will continue to occur because of security vulnerabilities in healthcare systems and because seizing the data almost guarantees that a payment will be made. The average ransomware payment for the healthcare and public health sector is $131,000. The average monetary fallout of a ransomware attack is $1.27 million, with the costs being associated with ransom paid, downtime, lost opportunity, device expenses and other factors.


The use of electronic patient health records over physical health records means that the critical information contained in those records is vulnerable to cybertheft. The exfiltration of insurance forms, prescription information, medical histories, pharmacology records, patient records, healthcare data, clinical or R&D data, patient billing and other data containing PII places individuals at increased risk of identity theft. Exfiltration, which also affects employee data, often occurs before a ransomware attack is deployed, as happened in the US Fertility and Magellan Health breaches.


The increased digitizing of the healthcare sector has occurred with much less security spending than what has occurred in other industries. However, according to one report, it is not the only reason attackers have been so successful. For example:

  • Due to product deadlines and lack of training on secure coding, many manufacturers report that medical devices are difficult to secure, making them more vulnerable than standard network devices

  • Medical data and health research data are highly sought after on the black market

  • Months after a vulnerability disclosure, fewer than half of the vulnerable devices at a typical hospital will be patched

  • A lack of testing processes and quality assurance during development contributes to vulnerabilities in medical devices

  • Less than one-third of health delivery organizations have a comprehensive cybersecurity program

The end result has been more opportunities for cyber threats in the healthcare sector.


To protect their data and those of their patients and employees, healthcare systems have to take proactive steps:

  • Prioritize data security measures. Protecting healthcare data is not a one-solution fix. Effective data security should involve layers of tech solutions, such as endpoint security, impenetrable encryption, threat hunting and network monitoring. Continuous, 24/7 network monitoring is a critical part of detecting suspicious activity across a healthcare system. Quantum-safe encryption solutions that can be integrated into websites, mobile health apps, medical devices, emails and more are also necessary to ensure that if malicious actors steal data, said data remains unreadable and unusable to them. Corresponding security policies should also be in place to supplement the tech solutions.

  • Create security awareness. Both employees and patients should be educated regarding how the cybersecurity solutions and policies that are being used are protecting the system and their privacy. Humans are always the weakest link when a data breach occurs, and it is incumbent on healthcare companies to provide training and regular cybersecurity awareness meetings for all staff who touch data or devices or have access to the network, to ensure their employees are well prepared to handle threats as they occur.

  • Conduct due diligence with all vendors. To reduce third-party vendor risk, risk assessments should be conducted at least annually. Healthcare system leaders should consider their vendors’ networks as part of the healthcare system’s attack surface. There should be an expectation that the security measures enacted to protect the network of the healthcare system are also being implemented on the vendor’s network.


As cybersecurity threats continue to escalate against the healthcare industry, IT leaders have to make sure that they have the most effective security solutions in place. XSOC CORP provides a family of cryptographic and encryption solutions, including the XSOC Cryptosystem, EBP, SOCKET and WAN-SOCKET, that can help safeguard sensitive data in the healthcare sector. To learn more about how our certified solutions can fortify healthcare cybersecurity, contact us today.

