The healthcare system is one of the first to adopt the latest technologies. It began with the digitisation of medical records and heart-monitoring machines; now, we have pacemakers and insulin regulators. To protect the technological advances in the healthcare field, cyber security officials must keep up with the newest advances in the cyber security field to prevent hackers from disturbing the pace of the system.
In this article, we will get an in-depth look at what cyber security does for the healthcare system, its importance, and why cyber security attacks on healthcare systems are on the rise, ending with some of the latest statistics on cyber security and cyber attacks in the healthcare system.
Importance of Cyber Security in the Healthcare System
Cyber security goes beyond protecting patient information in the healthcare system. Nowadays, hospitals and healthcare organisations have several electronic systems to keep their facilities running. These systems include Electronic Health Record (EHR) systems, radiology information systems, e-prescribing systems, and specialised systems to store and transfer physicians’ orders.
Healthcare organisations use many systems based on IoT technology, such as elevators, ventilation, smart heating and air conditioning, devices to monitor patients, and infusion pumps. Another vital element that necessitates cyber security in the healthcare system is the extensive use of email services to send or receive prescriptions and store or share patient data and financial information.
Risks to Cyber Security in the Healthcare System
The healthcare system is one of the leading sectors depending on advanced technology, but this doesn’t come risk-free. The application of different technologies poses a great danger to the sector, and hackers are also exploiting old technology to hack into the databases of healthcare organisations.
The increased dependency on IoT technology today is both impressive and frightening. Despite their effectiveness in facilitating many daily tasks, IoT devices can easily be tampered with. Many IoT devices still have missing configurations, which opens a door for hackers to exploit. If a hacker is able to get into any of the IoT systems in the healthcare organisation, this can put patients’ lives in danger. They can manipulate or stop patient monitoring systems, such as a patient’s pacemaker.
Since a great deal of information is transferred over email in the healthcare system, the risk of phishing is high. If a person receives a phishing email with malicious links or attachments and clicks on them, even unintentionally, this will download malware onto their device. From there, the hacker can steal sensitive information from the victim’s device or even use it as a means to spread to more devices and possibly the whole healthcare organisation’s system.
A distributed denial-of-service (DDoS) attack is highly dangerous and detrimental to a healthcare organisation’s systems. If the hacker gains access to the organisation’s network, they can launch a denial-of-service attack that temporarily stops the organisation’s services, which will literally paralyse it. Patients will not be able to get their prescriptions, and nurses or practitioners won’t be able to send or receive reports, to name a few.
A physical threat involves physically tampering with one of the healthcare organisation’s systems, such as manually installing malware or even stealing one of the data drives that stores patient data. This threat is more prominent when healthcare personnel review data on their personal devices rather than on the organisation’s (supposedly) secured devices. If a person leaves the device unattended, they give hackers access to the data they were reviewing earlier. So, it’s vital to do both: physically protect devices that handle healthcare data and place them under an umbrella of cyber security.
A keylogger can be installed as the result of a phishing email; it then records keystrokes on the device’s keyboard and sends this information to the hacker. Keylogging can result in the theft of login credentials or passwords, hence giving the hacker access to the healthcare organisation’s database. From there, the hacker can steal important data or can go further by launching a DDoS attack, disturbing the healthcare organisation’s system and services.
Legacy systems are systems no longer supported by their manufacturers. When new updated versions get released, these old systems are no longer needed. The danger of legacy systems arises when no more updates are available, or the available updates are very expensive. Unfortunately, many healthcare systems around the world lack the necessary funds to keep their systems updated to the latest available version. As a result, some healthcare organisations operate using legacy systems. Despite the risk these systems pose, they are what the organisation has available.
Why Do Hackers Target Healthcare Systems?
Cyber security attacks on the healthcare system keep increasing, which raises the question: why do hackers target healthcare systems? The answer is simple:
Despite its importance, the cyber security of healthcare organisations is more vulnerable than that of other sectors due to the massive attack surface available. This means there are more attack windows made available through the extensive use of IoT services, personal (often unprotected) devices to access patient data, and third parties that have access to the organisation’s database. The rise in the use of telehealth services, initially prompted by the spread of COVID-19, means more devices connect to the organisation’s database, often without proper protection.
People Are More Likely to Pay
Cyber security attacks on healthcare systems can cost lives, as ironic as that may sound. In the event of a ransomware attack, a surgeon might not be able to access a patient’s data to decide the best course of action for their case as quickly as possible. For this reason, hackers believe that the great cost of their attack will make the victim more willing to pay the ransom to regain access to the information. Savage as that is, such cases do happen.
This data is represented in PHI, or Protected Health Information, which includes various personal information about the patients. PHI offers hackers a wide array of advantages; they can use it for identity theft or to commit insurance fraud. This means that a single healthcare file can cost more on the black market than stolen credit cards or social security numbers.
Frightening Statistics About Cyber Security in the Healthcare System
Healthcare systems have been active targets for cyber attacks for years, with over 2,550 breaches of healthcare systems’ data over the past decade alone. Despite these numbers not being listed among the biggest data breaches at the time of conducting the studies, the sensitivity of the information in such systems makes them considerably more serious. Sadly, such a number means that some part of your personal information was stolen if you’ve been hospitalised in the past decade.
Studies have shown that hackers tend to target larger healthcare organisations or hospitals, as they have a wider range of possible data and attract more patients than smaller hospitals.
- Hospitals were the target of 30% of major data breaches.
- Healthcare organisations incurred $6 trillion in losses to data breaches by the end of 2020.
- 18% of teaching hospitals reported experiencing data breaches, while 6% of pediatric hospitals reported the same.
- Unauthorised access is the cause of 34% of cyber security attacks on healthcare systems, and over the past three years, this percentage jumped to 162%.
- A single data breach incident in 2021 cost $9.3 million on average, which represents almost a 30% increase from 2020. In comparison to other sectors’ damages, which increased from $3.86 to $4.24 over the same period, this shows that healthcare organisations’ losses were about three times higher than those of other sectors.
- 95% of identity theft incidents are a result of data breaches in the healthcare system. This comes from the massive amount of information stored in medical records that represent a goldmine for hackers to commit further crimes. Identity theft from stolen medical records is 25 times higher than that of credit cards.
- In February 2022 alone, there were 46 data breaches in healthcare systems, affecting a total of 2.5 million people.
- On average, a ransomware attack in the first quarter of 2022 cost $211,259, which represents a significant decrease from the last quarter of 2021. Professionals stated that lately, hackers have begun to target smaller healthcare organisations instead because they don’t attract law enforcement’s attention and won’t result in serious investigations.
- The healthcare system and financial institutions are the most targeted victims of hackers, at 15% and 10%, respectively.
- Over the past two years, statistics of cyber security in the healthcare system by the Cyber Risk Management bureau in Singapore uncovered $25 billion in losses.
- Over the course of a year, between March 2021 and February 2022, 42 million records were exposed due to data breaches in healthcare systems. In March 2021, there was a total of 4.1 million, while in February 2022, there was a total of 2.2 million records exposed.
- The US healthcare system is estimated to incur $7 billion in losses annually as a result of stolen PHI.
- In the next year, at least 5 million medical records are at a 75.6% risk of a data breach, a number that isn’t surprising for professionals who cited the increase in the breached records over the past years.
- Within the next three years, there’s more than a 25% expectation of a data breach the same size as the Anthem data breach taking place. The Anthem data breach resulted in compromising more than 80 million records. Unfortunately, cyber security attacks on the healthcare system occur more often than reported, and experts fear another major breach like the Anthem one is needed to effectively catch the authorities’ attention.
- Generally, about 60% to 80% of total data breaches are unreported in all sectors and not only in the healthcare system.
- A single data breach in the healthcare system costs an average of $408, which is the highest average among all sectors. Due to the millions of compromised records every year, this average results in millions in losses.
- A great number of healthcare organisations still use legacy systems, which widens the attack scope. Statistics show that 47% of data breaches in this sector come from hackers or lack of proper cyber security measures.
- Internal causes of data breaches are double the number of external breaches; this solidifies the fact that 66% of organisations fear internal data breaches more than external ones. Studies show that while 1,400 data breaches were due to negligence, only 700 were due to external hackers. Human error is still the reason for about 80% of cyber security attacks.
- Data breaches can take up to three-quarters of a year to be discovered, which gives hackers plenty of time to steal all the data they want. 39% of healthcare organisations that experienced a data breach took months to discover the breaches.
- More than 30% of data breaches in the healthcare system fall into the identity theft and loss category, in comparison to only 15% of all other sectors. The healthcare system represents an easy target for hackers due to the lack of cyber security measures and massive amounts of available data.
- Negligent employees caused more than 60% of data breach threats in the healthcare system, while unsatisfied employees caused 14% of data breaches, whether by doing it themselves or helping an outsider group gain access to the organisation’s files. A staggering 94% of healthcare organisations granted third-party companies access to their databases, and 72% of those had privileged access.
- More than 20% of physicians are not aware of how to spot malware or a cyber attack. Many attribute this to older physicians who haven’t adapted to new cyber attack-discovering technology.
- An estimated 240 million hacking attempts were made in healthcare systems in 2020. 58% of those attacks were ransomware attacks caused by the Cerber ransomware. In the second place, with 16%, came the Sodinokibi ransomware, followed by 14% for Windows-targeting VBCrypt.
- The Anthem breach, which occurred in 2015, affected about 80 million people. Anthem eventually settled for $116 million, with an average of $1.45 per person.
- The US spends more than 15% of its budget on cyber security. However, less than 6% is spent on cyber security in the healthcare system.
- 88% of workers in the healthcare system opened phishing emails. However, not all of them followed the malicious links or downloaded the attachments. Such a percentage raises the question of why healthcare workers receive phishing emails in the first place.
- 50% of doctors almost caused serious data breaches. This confirms the importance of cyber security training and education for doctors and healthcare staff in order to properly identify possible threats and data breaches.
- The average cost of a record in a healthcare data breach is $408, in comparison to $148 per record across other industries, which is three times less. The reason for this might be that records in other industries aren’t always comprehensive, which raises the value of PHI as it gives comprehensive information to commit identity theft.
- The cyber security report by Tenable Network Security, a cyber security company, rated cyber security assurance in the healthcare system at 54% only. Independent data centres had the highest score among healthcare organisations.
- There’s a global shortage in cyber security jobs, and these jobs in the healthcare sector take 70% longer to fill than other sectors.
- More than 82% of healthcare organisations estimate the damages caused by insider sources. 21% of these damages result in legal liability, 40% in data loss, and 33% in operational disruption.
- Almost 60% of healthcare organisations planned to invest more in properly securing their systems in 2022.
Sadly, cyber attacks on the healthcare system are only going to increase, especially with the high number of stored records, which increases what hackers stand to gain from an attack. What you can do for now is protect your own data and devices by having antivirus software, a password manager, and a VPN service to keep your data secure.