Experts Weigh In as US Health System Faces Critical Risk From Increasing Cyberattacks

By: Alex Trent | Published: Jun 05, 2024

The healthcare system in the United States has been facing an increased risk from cyberattacks in recent years. 

In the past, cybersecurity experts have predicted this rise, warning the US government has not been taking the threat seriously enough as patients face risks to their privacy and cyber intruders have increased ways to run amuck in the nation’s health system.

Cyber Spike

FBI data tracking internet crime in 2023 found that the healthcare industry had the highest number of organizations falling victim to ransomware attacks.

A laptop showing a pirate skull flag on a red background.

Michael Geiger/Unsplash

The number of ransomware attacks almost doubled in one year from 2022 to 2023. The data suggests that hospitals are attractive targets for ransomware because they are more likely than other organizations to make payments to get critical patient data back.


Why are Hospitals More at Risk?

In addition to hospitals having a trove of valuable data, the way hospitals are budgeted often leaves little resources for cyber security.

A close-up of an emergency sign on a hospital building.

Source: Pixabay/Pexels

Also, many hospitals rely on the use of older equipment and outdated computer software out of necessity. Sometimes critical equipment can only run with certain versions of operating systems, making the upgrade process tricky.


As the world becomes more connected through network and internet-based technology, this leaves the healthcare system with one foot in, and one foot out.

An artist interpretation of internet links connecting together.

Source: JJ Ying/Unsplash

“Unfortunately, the unintended consequence of the use of all this network and internet-connected technology is it expanded our digital attack surface,” said John Riggi, cybersecurity adviser for the American Hospital Association. “So, many more opportunities for bad guys to penetrate our networks.”

Recent Attacks

This past November, a massive ransomware attack targeted a healthcare company that operates 30 hospitals and around 200 health facilities in the country.

A closeup of the WASD keys on a keyboard.

Source: Muha ajjan/Unsplash

The attack disrupted services in several states, causing doctors to postpone surgeries and divert critical emergency room patients until the issue could be resolved. These doctors were unable to get access to critical information related to patient care.

Adversarial Mindset

Erik Decker, vice president and chief information security officer at Intermountain Health, recently argued in a virtual event that the healthcare industry needs to confront cyberattackers with an “adversarial mindset.”

A person in a dark hoodie, sitting at a desk with two laptops

Source: Azamat E/Unsplash

“[Criminals] have a big desire to make a lot of money, or as much money as they can, in a specific time frame,” said Decker, describing the problem with sophisticated threats from cyber intruders.


Cyber Health Conference

The Intermountain Health conference featured many experts, who each spoke about how the rise in cyberattacks is affecting them.

A silhouette of a person in a hoodie, suggestive of a cyber hacker, with a background of digital code reflecting on the silhouette

Source: freepik

“Cyber incidents are not just about losing data anymore. They’re about losing patients’ confidence, undermining safety and impacting care delivery and lives,” said Vugar Zeynalov, chief information security officer of the Cleveland Clinic Health System.


Limiting Surface Area

As more hospital and patient data becomes integrated through internet technologies like cloud computing, experts are advocating to reduce the points of failure as much as possible.

A wall of internet code containing critical data.

Source: Markus Spiske/Unsplash

“What you’re trying to do is really limit the overall blast radius of the breach,” said Marc Maiffret, chief technology officer of BeyondTrust, a company that helps companies protect themselves from cyber-attacks.


Embracing the Cloud

Last year, GHX reported that by 2025, it is predicted that nearly 70% of all hospitals and health systems will have adopted a cloud-based approach to supply chain management.

A singular cloud hanging against a blue sky.

Source: C Dustin/Unsplash

96% of US hospitals have successfully switched from paper to electronic medical records systems.


Three Ways of Infiltration

Decker explained in the conference the three primary ways that attacks are successfully infiltrating hospitals and care networks.

A worm representing a malicious actor travels between devices

Source: Growtika/Unsplash

“The first way is through social engineering. So, it’s the phish. It’s the malware dropper on an email that you get through a click,” said Decker.


Misconfigured System

The second way that systems are exploited has to do with an improperly set or misconfigured system with access to the internet. Cybercriminals can find and exploit weaknesses to gain access to the system.

A person hacking into a cybersecurity system. There is an iPad in front of a computer. Both screens are on with lots of writing in various colors.

Source: Pressfoto/Freepik

In late 2018, a database misconfiguration exposed nearly 1 million patients of UW medicine to vulnerability.


Remote Access

The third way the health industry is getting attacked digitally is through connections to third parties and remote access points.

An internet cord lying on the ground and disconnected.

Source: Rivage/Unsplash

“Pretty much every single ransomware attack that you’ve seen or heard about in the news, one of those three ways was the initial intrusion point,” said Decker.