Cyber attacks across the healthcare sector are rampant and show no signs of abating. Security and network teams within this industry have the odds stacked against them; proving that it's crucial to build a multi-faceted security strategy that is smart, both in regards to spend and resources.

Healthcare under attack

When it comes to cyber attacks healthcare is the highest targeted sector. In 2017 there were over 300 breaches. That is over 29 times the number of breaches reported across the hospitality industry.

There are many reasons why healthcare is such an attractive target to cybercriminals, including:

  1. Patient data is valuable data – the information contained in a patient’s files include personally identifiable information (PII) including names, date of births and social security numbers, as well as a whole host of additional information that has a high value on the dark web.
  2. Open to extortion – where data has a high worth the incentive for extortion increases.
  3. An increasing attack surface – the ever-expanding areas healthcare networks have to support is only going to increase. From internet based consulting to remote workers and patients requiring online access to records, not to mention the proliferation of the Internet of Medical Things (IoMT), the attack surface of the healthcare sector is growing exponentially.
  4. Vulnerable infrastructure – historically there has been a lack of investment in cybersecurity within this industry, both concerning human resources and infrastructure investment. Historically, expenditure has averaged 50% compared to that of other sectors. ‘Lean’ teams coupled with a rapidly changing cyber threat landscape significantly increases an organization’s vulnerability to threats.

The consequences of a cyber attack

When a provider within healthcare is subject to an IT security breach the ramifications go far beyond the initial internal IT ‘mop-up’:

The potential risk to life – on multiple levels there is a risk to human life, from operations having to be canceled to no access to medical records for emergency treatment, not forgetting the number of IoMT devices which can be compromised. Take a glance at the numerous articles on the web concerning a pacemaker’s vulnerability to hacking, and you’ll soon understand the risk IoMT devices can present.

Brand & reputation – once a data breach becomes public the media feeding frenzy commences. One only has to look to the National Health Service in the UK in 2017 which was effectively brought to a standstill by the WannaCry ransomware. The media coverage was global and prolonged.

In countries where an individual can choose their healthcare provider it’s hardly likely they will trust an organization with their life if that organization can’t be trusted with their personal data.

Financial – loss of productivity, cost of remediation, missing pay for performance deadlines and heavy financial fines from governing bodies and authorities such as HIPAA, not to mention penalties under GDPR, all contribute to weighty post-breach costs.

The costs of Healthcare data breaches far exceed other industries. Following a security breach, The University of Washington Medicine incurred a $750,000 HIPAA fine. In Ponemon’s 2017 Data Breach report it was estimated that a data breach in the Healthcare industry costs an organization $380 per record, in comparison to a global average of $141! For the NHS in the UK, the cost of the fall-out from WannaCry has nearly reached £100m.

Continually changing threats

Taking all the above into consideration, it is clear that security teams within the Healthcare sector have to be smart with their IT security spending. With reduced resources and funds it’s almost impossible to keep abreast of the latest security threats.

Ransomware attacks declined by 32% in Q1 2018 from Q4 2017, while coin mining (cryptojacking/cryptomining) increased by 1,189%. With such a quickly shifting threat landscape maintaining expertise across all areas is challenging for even large teams, let alone smaller ones.

Healthcare security teams have to look to solutions that automatically mitigate risk, protecting patient data and devices while freeing up precious manpower resources to focus on other issues, without a hefty price tag.

Related Products

Data Query Service (DQS)

Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.

Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.

The service has never failed and utilizes the longest established DNSBLs in the industry.

  • Proactive & preventative
  • Save on email infrastructure & management costs
  • Actionable

Passive DNS

Our Passive DNS allows you to quickly and easily navigate through billions of DNS records to shine a spotlight on potentially malicious internet resources associated with your network or domain.

  • Reduce investigation times
  • Enrich data sources
  • Protect customers and end-users


Free DNS protection for Healthcare providers

3 April 2020


Healthcare providers are facing an increasing number of cyber attacks in the face of the COVID-19 crisis. To help combat malicious threats including malware, phishing and ransomware we are offering Healthcare providers free access to our DNS Firewall Threat Feeds until the end of this year.

Protecting data in the Healthcare industry

29 July 2017


This report looks at the increased cyber threats Healthcare providers are facing, the reasons behind this and also the best practices for protecting against attacks in this industry.

New industry report reveals top threats to healthcare

21 July 2017


Read the White Paper 'Protecting Data in the Healthcare Industry' here