Cybercrime is relentless, driven by financial gain. Hackers choose their targets strategically, focusing on areas where they are most likely to succeed and where the data has the most value. Not surprisingly, healthcare is the third most targeted industry for cyberattacks.
According to data from Check Point Research (CPR), the Threat Intelligence division of Check Point Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of a cloud-based, AI-powered cyber security platform, the global average weekly number of attacks per organization in the healthcare industry was 2,018 from January to September 2024. This represents an increase of 32% compared to the same period last year.
Healthcare organizations around the world have experienced a significant increase in cyber attacks. From January to September 2024, the APAC region led in attack volume, with an average of 4,556 weekly attacks per organization – an increase of 54%. The rapid adoption of digital health records and telemedicine, combined with inadequate cyber security infrastructure, has made APAC healthcare systems vulnerable to advanced cyber threats.
Latin America saw an average of 2,703 attacks per week per organization, a 34% increase, in part due to weaker regulations and underfunded cybersecurity initiatives. Europe, although it reported fewer weekly attacks (1,686), saw the largest percentage increase of 56%, as growing trust in digital tools without the corresponding investment in security makes healthcare organizations prime targets for ransomware and data theft. In North America, the healthcare sector saw an average of 1,607 attacks per week, an increase of 20%, largely due to valuable patient data being exploited by cybercriminals.
Strengthening Healthcare Cybersecurity: Greece’s Resilience Amid Growing Global Threats
While global healthcare sectors face growing cyber threats, Greece remains in a relatively better position compared to many other European countries. In Greece, health organizations faced an average of 1,241 attacks per week in the last six months, which is lower than the European average of 1,686 attacks per week. This means that Greece experiences about 26% fewer attacks than the European average.
Despite the ongoing challenges, the health sector in Greece is managing to mitigate some of the worst effects of these attacks through preventive measures. Information disclosure is the most common vulnerability, affecting 78% of organizations in Greece, but the overall impact remains below that experienced by other European nations. These figures show that while Greece faces significant risks, it has maintained a relatively stronger posture in cyber security compared to other regions.
Ransomware and its growing threat
Hospitals and healthcare facilities cannot allow service interruptions as they can put patient safety at immediate risk. Unfortunately, sensitive patient data is highly sought after on the dark web and is often used in extortion schemes. Ransomware has become the most dangerous threat, paralyzing countless hospitals around the world.
In the context of World Patient Safety Day, declared by the World Health Organization (WHO) on September 17, it is vital to emphasize that patient safety is not limited to physical care. Cyberattacks that compromise healthcare systems put the health and lives of patients at risk.
Cybercriminals collaborate through dark web forums, offering ransomware-as-a-service (RaaS). Even amateur hackers can now access sophisticated tools and infrastructure to target healthcare institutions. For example, a hacker named Cicada3301 announced a new RaaS group in an underground forum, asking only a 20% commission for successful attacks. The structured nature of these criminal activities mirrors legitimate business activities.
In one real case, Cicada3301 exposed data stolen from the Italian medical organization ASST Rhodense on a “shame website” to pressure the victim to pay the ransom. Unfortunately, such incidents are becoming more common, with ransomware groups offering encryption tools and infrastructure to partners while posting stolen data online to force payment. Some hackers also sell access to compromised hospital systems, allowing further exploitation.
The role of cybersecurity in ensuring patient safety
“Healthcare organizations face tremendous risks, and patients are often the target of cyberattacks,” says Sergey Shykevich, Threat Intelligence Group Manager at Check Point Research. “Ensuring patient safety in the digital age requires more than technology solutions – it requires a culture of security and constant threat awareness.”
Key cybersecurity recommendations for healthcare organizations:
- Beware of Trojans: Ransomware attacks usually start with Trojan infections, which appear days or weeks before the actual attack.
- Be careful on weekends and holidays: Cybercriminals often strike when IT teams are off duty.
- Use anti-ransomware solutions: Detect suspicious activity and repair any damage in minutes to prevent catastrophic losses.
- Back up data regularly: Consistent backups can restore systems quickly without paying a ransom.
- Limit access: Segment networks and restrict user access to minimize the spread of an attack.
- Educate staff: Training employees to recognize phishing and other cyber threats is critical to preventing breaches.
- Install updates and fixes: Update your software and systems regularly to prevent the exploitation of known vulnerabilities.
- Strengthen passwords and use MFA: Default passwords are an easy target – enforce strong, complex passwords and multi-factor authentication.
- Comply with regulations: Ensure compliance with privacy and cybersecurity regulations to protect patient data.
- Secure all devices: From servers to IoT devices, all systems need to be protected with the best cybersecurity solutions available.
Healthcare organizations must take proactive measures to protect their digital infrastructure. On the occasion of World Patient Safety Day yesterday, it is important that we all reflect on the imperative need for strong cyber security solutions and the development of a culture of continuous awareness. This need has never been more urgent.