If hackers ever had an ethical barrier, they’ve smashed it to bits by now. Greed has always been their driving force, but in the past year, we’ve seen the depths they'll sink to for a quick buck—such as targeting health providers.
Healthcare has long been considered an "untouchable" sector, but it’s sadly become a favorite go-to for threat actors. It’s hard to pinpoint exactly when this shift happened, but the notorious attack on Change Healthcare at the end of 2023 definitely altered the playing field. The past year made it very clear that hackers have zero regard for the potentially deadly consequences of their actions.
To uncover how threat actors are targeting healthcare—and other vital industries—our experts pored over data from the millions of endpoints and user entities under our watch. They documented the most alarming trends, patterns, and tactics, leading to the compilation of our 2024 Cyber Threat Report. We’ve summarized our key findings on healthcare below, but for a more comprehensive picture, you can dive into the full report here.
Common Threats Hounding Healthcare
Healthcare organizations—including hospital networks, rural clinics, pharmacies, medical device companies, and labs—face the same cyber threats as other businesses. But because lives are literally at stake, the consequences of falling victim can be far more severe. Here’s what’s hitting healthcare the hardest:
- Trojans - 21.1%
- Remote Access Trojans (RATs) -14.3%
- Remote Monitoring and Management (RMM) abuse - 9.6%
These are often seen as precursors to ransomware attacks, which can cause significant disruptions to operations and patient care.
Ransomware Hurts Health Providers
Ransomware is a nightmare for healthcare. Doctors can't access critical data. Ambulances have to be diverted. Nurses are overwhelmed, working only with pen and paper. Quite simply, patient care suffers. And it’s not getting better—ransomware attacks surged in late 2023 after Qakbot was taken down.
The most common ransomware families targeting healthcare today are:
- Dharma - 29% of attacks
- DarkGate - 17% of attacks
- LockBit - 15% of attacks
Business Email Compromise (BEC) Is Compromising Healthcare
BEC is another major threat. Hackers pose as legitimate healthcare personnel to deceive both staff and patients. Their goal? To trick people into handing over money and valuable information. Popular tactics include:
- Manipulation of mailbox rules
- Bypassing location settings via VPN or proxy
- Attacks on multi-factor authentication (MFA)
- Unauthorized logins
Some key takeaways from our 2024 Cyber Threat Report include:
- 34% of Microsoft 365 threats in healthcare involve malicious inbox rules
- 26% of Microsoft 365 threats in healthcare involve using a VPN or Proxy
Stay Informed and Protect Your Healthcare Organization
Healthcare must remain healthy. The industry’s security is vital for everyone’s well-being. To help you stay ahead of potential threats that can compromise your operations and patient services, check out our 2024 Cyber Threat Report. It’ll give you an inside look at the latest trends and tactics hackers are using to target healthcare organizations of all sizes.
