SOCRadar® Cyber Intelligence Inc. | The State of Cybersecurity in Healthcare: A Review of SOCRadar’s Healthcare Threat Landscape Report


Jun 07, 2023
4 Mins Read

The State of Cybersecurity in Healthcare: A Review of SOCRadar’s Healthcare Threat Landscape Report

The cybersecurity landscape in the healthcare industry is becoming increasingly treacherous, as detailed in SOCRadar’s recently published Healthcare Threat Landscape Report. This in-depth analysis illuminates the growing threat of cyber attacks, including a surge in ransomware incidents and the vulnerability of medical IoT devices.

Get comprehensive insights and stay ahead of threats by exploring the Healthcare Threat Landscape Report today!

Over the past year, healthcare data breaches and cyber-attacks have been steadily rising, with an alarming 35% increase in posts on the dark web regarding healthcare matters, exceeding 450 posts. It’s a harsh reality that the industry has become a prime target for cybercriminals, with an escalating cost for a breach now averaging around $10.1 million – a 10% increase from the previous year.

Ransomware is a Dominating Threat to Healthcare

Of significant concern, the report reveals that ransomware attacks are among the most prevalent form of cyberattacks in this industry. SOCRadar’s Dark Web News module has detected 190 incidents specifically targeting healthcare organizations between April 2022 and March 2023. LockBit 3.0HiveLeaks, and Vice Society are among the ransomware groups that have shown particular interest in targeting the healthcare system.

(Source: SOCRadar Healthcare Threat Landscape Report)
(Source: SOCRadar Healthcare Threat Landscape Report)

While these attacks are wide-ranging and damaging, the impact on the industry’s growing reliance on medical IoT devices raises significant concerns. As the adoption of digital solutions continues to rise, these connected devices – often linked directly to hospital networks – present a distinct and tangible vulnerability. The potential for cyberattacks on these devices risks not only data breaches but also possible patient privacy violations.

In response to this escalating threat, healthcare organizations have increasingly felt compelled to pay large sums to regain access to critical patient data. This unfortunate trend has led to a significant spike in both the frequency and cost of healthcare security breaches.

The report pointed out the geographical distribution of these confidential posts in the healthcare industry, primarily focusing on the United States, Indonesia, and the Russian Federation. It also highlights the significant increase in ransomware attacks detected by SOCRadar’s dark web analysts, marking an alarming 58.3% uptick compared to the previous term.

Healthcare’s IoT Boom: A Rising Security Storm

The report sheds light on the unique security concerns surrounding medical Internet of Things (IoT) devices. These devices include everyday healthcare tools such as insulin pumps and pacemakers. The report emphasizes that wireless medical devices implanted in the body – like deep brain stimulators, heart defibrillators or pacemakers, cochlear implants, gastric stimulators, and foot drop implants – are particularly exposed to potential security breaches.

Wireless medical devices implanted in the body are becoming increasingly common in healthcare, posing a potential threat of exposure.
Wireless medical devices implanted in the body are becoming increasingly common in healthcare, posing a potential threat of exposure.

The threats are not limited to just ransomware attacks or IoT device vulnerabilities. SOCRadar’s monitoring has also disclosed nearly 1,200 phishing attempts aimed at healthcare entities over the last 12 months. Even more concerning, the data indicates that a disturbing 63.5% of phishing domains masquerading as legitimate organizations’ websites have been using the secure HTTPS protocol to deceive their victims.

The report stresses the need for healthcare professionals to bolster their cybersecurity defenses in this landscape of ever-evolving threats. Recommendations include:

  • Implementing encryption measures.
  • Carrying out regular risk assessments.
  • Training programs to boost cybersecurity awareness.
  • Devising backup strategies to recover data.

Additional suggestions include adopting multi-factor authentication, continuous monitoring of network traffic for suspicious activities, and developing a comprehensive incident response plan.

The report paints a sobering picture of the current state of cybersecurity in the healthcare industry. It underscores the crucial role of cybersecurity measures in safeguarding patient data and maintaining the financial stability of healthcare organizations, thereby providing valuable insights and practical recommendations for fortifying their cybersecurity posture against evolving threats. 

To get the full report, click here.