Why Do Hackers Often Choose to Attack the Health Sector

On December 2022, a grave and unfortunate incident occurred in a Kansas clinic. A data breach had occurred, compromising several patients’ sensitive medical records.

The clinic announced the incident on February 17, 2023. The breach involved the following, among others:

  • Social Security numbers
  • Health insurance information
  • Medical record numbers (MRN)
  • Medical history

On November 28, 2022, a hospital in Dorchester, Massachusetts, suffered a ransomware attack. Hackers stole the protected health information (PHI) of 10,161 patients.

An email blunder at an Ohio Community Health Center exposed the PHI of over 500 individuals. An unencrypted email sent to a business partner contained sensitive data, including:

  • Patient dental visit schedules
  • Patient names
  • Their birthdays
  • Medical record numbers
  • A brief explanation of the reason for the appointment

In recent years, several cyberattacks in the healthcare sector caught media attention. It made the industry the focus of public criticism. The usual themes in healthcare cyberattacks include the following:

  • Poor cybersecurity awareness
  • Weak infrastructure and system security practices
  • Flaws in policy and control frameworks
  • Lack of understanding of cybersecurity

These incidents suggest that eHealth advances ushered in new kinds of security threats. Policy and regulation lagging behind technology make things worse. Many issues afflict the healthcare industry, and its technical competence is inadequate. Still, the outcomes have been dire.

Read: What Are the Most Common Cybersecurity Threats Your Business Might Encounter

The healthcare industry faces these cybersecurity threats:

1. Phishing

According to recent research, phishing is the biggest security threat to healthcare facilities.

The 2021 HIMSS Healthcare Cybersecurity Survey asked 167 cybersecurity experts about security incidents in the past year. About 45% reported phishing as their most serious security breach in the past year.

Phishing attacks use email or fake websites to get personal details. An attacker may send an email claiming to be from a financial institution. They will request sensitive account details. Criminals use the data to break into your accounts.

They often use holidays, disasters, and public health crises to launch their attacks.

Knowledge is the best shield against healthcare phishing attacks. Healthcare institutions can gain an edge over hackers by:

  • Being aware of the common signs of phishing attacks
  • Providing workers with cyber hygiene training
  • Deploying proper technical measures
  • Keeping up-to-date on the latest cybersecurity threats facing the industry

Read: The Biggest Cybersecurity Threats For 2023

2. Credential Harvesting

Criminals use credential harvesting attacks to exploit weaknesses in computer systems and networks. They steal account credentials using digital tools. Such credentials include usernames, passwords, email addresses, and postal addresses.

The hackers use various methods, including man-in-the-middle (MiTM) attacks, DNS poisoning, and phishing. These credentials allow access to the organization’s computer network, database, and other systems. The hacker might use the Dark Web to sell this info to interested parties.

The growth of credential harvesting attacks is a serious concern. According to the Account Takeover Report, 24 billion credentials are for sale on the dark web. It’s crucial to be aware of credential harvesting attacks and exercise caution.

Password hygiene awareness prevents employees from repeating passwords or leaving accounts vulnerable. Password managers can help users create unique passwords and store them in a safe place.

Password managers also curb phishing attacks. They auto-fill login credentials when employees access websites they have saved passwords. Employees must know the website is fake if the password manager won’t autofill.

Read: Is Your Company Ready for a Ransomware Attack

3. Ransomware

Ransomware is malicious software that encrypts data and systems. It demands payment before restoring access.

Ransomware can slow down or halt critical procedures in the healthcare sector. Hospitals must thus use pen and paper. It prolongs the medical process and consumes resources that could modernize the facility.

Ransomware infects devices through one of three channels:

  • Through infected attachments in phishing emails
  • By clicking a malicious link
  • By exposure to ‘malvertisement’, an ad containing malware

Defense is the first and most vital step in averting a ransomware attack. Multi-layered security firewalls will keep ransomware at bay. They can work against old or new variants. These firewalls protect email, operating systems, and mobile devices from phishing.

Final Words

52% of cyberattacks in the US healthcare industry in 2021 targeted financial data. Also, 43% of events involved attacks on employee data. Meanwhile, 39% of attacks affected patient records. Another 15% included trade secrets.

Healthcare companies must use modern tactics to protect them from cyberattacks. Criminals want these assets because of their great value.


If you like the content, we would appreciate your support by buying us a coffee. Thank you so much for your visit and support.


Nikolaus Oosterhof

Nikolaus holds a degree in software development and has a strong passion for all things tech-related, especially gadgets with screens. Though he is nostalgic for older phone models, he's a retired gamer and continues to enjoy programming in open-source environments. Additionally, Nikolaus enjoys writing about Linux, macOS and Windows and has experience designing web pages.

Leave a Reply