Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireTechnologies & SolutionsSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Healthcare’s next emergency: Ransomware follows in the footsteps of the pandemic

By Andrew Homer
doctor telehealth freepik

Technology photo created by pressfoto - www.freepik.com

May 18, 2021

As the healthcare industry continues to navigate what we hope is the near end of the pandemic, it’s becoming increasingly clear that it’s dealing with a cybersecurity emergency as well. With frontline healthcare personnel working around the clock to care for a never-ending wave of COVID-19 patients and IT departments scrambling to support those who’ve transitioned to WFH since the pandemic began, healthcare has quickly become a favorite target for cybercriminals looking for quick infiltration and large payouts. More worrisome, the security threat shows no signs of slowing down as the pandemic recedes. 

In particular, government officials have highlighted the growing ransomware threat this past year — encouraging hospitals and other public health organizations to take immediate precautions against attacks. And their attempts to instill urgency are not misplaced. Healthcare continues to be targeted at a far greater frequency than other industries. Furthermore, the fact that ransomware attacks have shown their ability to limit or completely shut off access to critical care for patients in need, means healthcare organizations often feel like they have no choice but to pay a ransom once a breach has been disclosed. 

This, coupled with the fact that their security teams are often understaffed and working with slim budgets, means healthcare organizations’ alarm bells are ringing. And patients are paying close attention, too. Healthcare businesses are already reeling from massive losses during the pandemic, and cyberattacks could cause further long-term damage beyond the initial attack. Our research at Morphisec indicates that almost 3-in-10 consumers say they would consider switching providers if their records were breached in a cyberattack. Considering that same report found that 1-in-5 Americans say a cyberattack has impacted their healthcare provider in the past year, it’s undoubtedly worrying news for the entire industry.

With this in mind, here are three avenues hackers are likely to exploit as healthcare becomes a more attractive target and what providers’ need to do to protect their sensitive data and safeguard the lives of their patients.

 

Targeting Weak Email Phishing Defenses 

The healthcare industry has been overwhelmed by cyberattacks in the past two years. And while cybercriminals have gone through various avenues to infiltrate networks, email has become a top choice for several reasons. For one, a lack of training or awareness about phishing increases the likelihood of success, as hackers become more skilled at taking advantage of vulnerabilities brought on by human error. 

A 2019 study published in the Journal of the American Medical Association aimed to illustrate this danger when researchers sent almost three million simulated phishing messages to hospital employees. An astonishing 422,062 clicks occurred, indicating that an overwhelming amount of recipients fell for the trap.

Additionally, hackers’ email phishing techniques are growing more sophisticated, with many taking the time to study a company’s personnel and learn their manner of speaking by email before spoofing them. This, along with authentic-looking email addresses, makes it incredibly difficult for employees to decipher between a scam and legitimate communications. 

This is why it’s hardly a surprise that consumers have pinpointed their healthcare provider’s email phishing defenses as their biggest worry, with 26% saying that they believe this is their provider’s weakest link when it comes to their cybersecurity defenses. Of course, all it takes is one click for an entire organization to fall prey to a phishing attack — one click to place sensitive information in the wrong hands and leave millions of dollars worth of clean up. 

 

Telehealth Growth Opens Up a New Attack Surface

With COVID-19 fueling major technological innovations within the industry — namely the offering and use of telemedicine services — how people visit their doctor and receive treatment has changed forever. In fact, 56% of patients have used telemedicine alternatives to in-person healthcare visits during the pandemic, including 55% of those 60-years-old and older and 59% of women. 

And while the rise in the use of hybrid care options can be highly beneficial for healthcare providers and patients alike, the surge in adoption of digital tools has unfortunately left more people open to attacks in these virtual settings.

Why? To meet consumers’ demands for contactless healthcare, the federal government has had to temporarily relax HIPAA restrictions on telehealth so that providers can use tools like Zoom to treat patients. Of course, cybercriminals have quickly found the security gaps in these tools — gaps made all the more prevalent because many providers needed to conduct visits from unsecured networks at home.

And while telehealth has been nothing short of a lifeline for millions of patients during the pandemic, most are very aware of the cybersecurity risks that come with wide-scale adoption. For example, over half (53%) state that they’re more worried about the security of their personal health information in a telemedicine setting than in an in-person environment. Meanwhile, 57% say that they believe healthcare providers working remotely during the pandemic and using these virtual tools has increased the risk of their personal health information being compromised. 

With COVID-19 massively accelerating consumers’ expectations for contactless service, the telemedicine market is expected to continue to grow even after the pandemic ends. It’s therefore vital that healthcare organizations prioritize their virtual endpoints' security or watch their attack surface increase exponentially.

 

Increasing Payouts by Shutting Down Access to Care

Ransomware attacks shutting down access to care has provided a new worry for patients and providers. As already mentioned, a cyber attack on a healthcare provider turned fatal in September when a ransomware attack at the University Hospital Dusseldorf forced staff to postpone planned and outpatient treatments and route some patients to alternative medical facilities.

This type of critical care interference is becoming more common in ransomware attacks. As a result, it has increased Americans’ anxiety around a potential attack preventing them from receiving care in their time of need. Morphisec found that 6-in-10 consumers admit they are more worried about this now than they were a year ago. 

Groups like Ryuk, for example, typically target the user interface that manages, monitors, and controls devices such as imaging equipment. This medical equipment and the computers connected to them are often ransomed in tandem, rendering them unusable and leaving healthcare staff unable to care for patients. 

And because they understand just how damaging downtime is, they’re increasingly targeting big-name players and demanding larger payouts. The average ransom payout for a Ryuk hit, for instance, climbed to $1.4 million in 2020. UHS Hospitals, the $11.4 billion healthcare organization, learned first-hand when its phone and computer systems were shut down, and patient care was either delayed or severely limited. 

Indeed, the healthcare industry is under more pressure to protect its critical networks 24/7, which only acts to incentivize hackers who know they have much to gain from infiltration. The good news, however, is that they don’t need complex solutions to protect themselves. Instead, this cybersecurity crisis should stimulate IT departments to examine their investments and question whether they’re relying on more tools for less protection. 

Malware is modernizing rapidly and is learning to bypass widely-used next-gen systems entirely, thus essentially turning complex security stacks into white elephants. For healthcare, IT departments struggling under the weight of its most significant ever emergency, the only way for them to truly protect their organizations and their patients is to take a proactive defense approach that builds off a simplified security stack. Because, as we’ve seen, money-hungry cybercriminals are ready to pounce on the first vulnerability they catch. And without the most effective cybersecurity tools in place, healthcare organizations can expect to pay a high price not only in terms of money but lives lost, too. 

KEYWORDS: cyber security healthcare security information security malware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Andrew Homer is VP of Security Strategy at Morphisec.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

2025 Security Benchmark banner

Events

September 29, 2025

Global Security Exchange (GSX)

 

November 17, 2025

SECURITY 500 Conference

This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cyber-security.jpg

    The next evolution of cyber defense: Ransomware-proof object storage

    See More
  • From the ER to the Executive Suite, Hospitals Tighten Up

    Don’t let your guard down over IT security during the pandemic

    See More
  • cyber freepik

    Is the World Economic Forum's prediction of a global cybersecurity failure in the next 10 years avoidable?

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing