The vast majority (84%) of healthcare organizations (HCOs) detected a cyber-attack or intrusion in 2024, with account hijacking and phishing the most common incidents, according to Netwrix.
The cybersecurity software vendor polled IT and security professionals working in the sector globally as part of a wider study into hybrid cloud trends.
It revealed that certain threats are more likely than others, depending on the IT environment.
For example, user account compromise impacted 74% of HCOs running cloud-based systems, but just 44% of those running on-premises environments. Phishing was the second most common threat type, impacting cloud (62%) and on-premises (63%) environments equally.
“Healthcare workers regularly communicate with many people they do not know – patients, laboratory assistants, external auditors and more – so properly vetting every message is a huge burden,” argued Netwrix VP of security research, Dirk Schrader.
“Plus, they do not realize how critical it is to be cautious, since security awareness training often takes a back seat to the urgent work of taking care of patients. Combined, these factors can lead to a higher rate of security incidents.”
The sector also appears to be more exposed to the financial damage and other negative consequences that can result from serious cybersecurity incidents.
Some 69% of healthcare respondents claimed a cyber-attack negatively impacted the bottom line, versus 60% in other sectors. Around a fifth said it led to a change in senior leadership (21%) or lawsuits (19%), versus 13% in both cases for other verticals.
All of which explains why data security (64%) and network security (54%) were highlighted by HCO respondents as their organization’s top IT priorities, above automation (46%).
Aware of these mounting cyber-related risks, the European Commission last week launched a new action plan for healthcare, focused on boosting threat prevention, detection and response, and creating a Cybersecurity Support Centre to deliver an EU-wide early warning service by 2026.
HCOs have long been a popular target for attack, on both sides of the Atlantic. Their low tolerance for outages and large volumes of stored patient data have made ransomware attacks particularly commonplace.
An August 2024 report claimed that more than a fifth (21%) of ransomware attacks targeted HCOs in the previous 12 months, up from 18% the year before.