The healthcare system is one of the first to adopt the latest technologies. It began with digitising medical records and heart-monitoring machines; now, we have pacemakers and insulin regulators. To protect the technological advances in the healthcare field, cyber security officials must keep up with the newest advances in the cyber security field to prevent hackers from disturbing the system’s pace.
In this article, we will get an in-depth look at what cyber security does for the healthcare system, its importance, and why cyber security attacks on healthcare systems are on the rise, ending with some of the latest statistics on cyber security and cyber attacks in the healthcare system.
Importance of Cyber Security in the Healthcare System
Cyber security goes beyond protecting patient information in the healthcare system. Hospitals and healthcare organisations have several electronic systems to keep their facilities running. These systems include Electronic Health Records (EHR) systems, radiology information systems, e-prescribing systems, and specialised systems to store and transfer physician orders.
Healthcare organisations use many systems based on IoT technology, such as elevators, ventilation, smart heating and air conditioning, devices to monitor patients and infusion pumps. Another vital element that necessitates cyber security in the healthcare system is the extensive use of email services to send or receive prescriptions and store or share patient data and financial information.
Risks to Cyber Security in the Healthcare System
The healthcare system is one of the leading sectors depending on advanced technology, but this doesn’t come risk-free. The application of different technologies poses a great danger to the sector, and hackers are also exploiting old technology to hack into the databases of healthcare organisations.
IoT Threat
The increased dependency on IoT technology today is both impressive and frightening. Although these devices make many daily tasks easier, they can easily be tampered with. Many IoT devices still ship with missing or incomplete configurations, which opens a door for hackers to exploit. If a hacker can get into any of the IoT systems in a healthcare organisation, this can put patients’ lives in danger: he can manipulate or stop monitoring systems or a device such as a patient’s pacemaker.
Phishing
The risk of phishing is high since a great deal of information is transferred over email in the healthcare system. If a person receives a phishing email with malicious links or attachments and clicks on them, even unintentionally, this will download malware onto their device. From there, the hacker can steal sensitive information from the victim’s device or even use it to spread to more devices and possibly the whole healthcare organisation’s system.
DDoS Attacks
A distributed denial-of-service (DDoS) attack is highly dangerous and detrimental to the organisation’s healthcare system. If the hacker gains access to the organisation’s network, he can launch a denial-of-service attack that causes a temporary stoppage of the organisation’s services, which will literally paralyse it. Patients will not be able to get their prescriptions, and nurses or practitioners won’t be able to send or receive reports, to name a few examples.
Physical Threat
Physical threat refers to physical tampering with a healthcare organisation’s systems, such as manually installing malware or even stealing one of the data drives that store patient data. This threat is more prominent when healthcare personnel review data on their personal devices rather than on the organisation’s supposedly secured devices. If a person leaves such a device unattended, he gives hackers access to the data he reviewed earlier. So, it’s vital to do both: physically protect devices that handle healthcare data and place them under an umbrella of cyber security.
Keylogging
A keylogger, which can be installed through a phishing email, records keystrokes on the device’s keyboard and sends this information to the hacker. Keylogging can result in the theft of login credentials or passwords, giving the hacker access to the healthcare organisation’s database. From there, the hacker can steal important data or launch a DDoS attack, disturbing the healthcare organisation’s system and services.
Legacy Systems
Legacy systems are systems no longer supported by their manufacturers; once newer versions are released, the old systems stop receiving support. The danger of legacy systems lies in the fact that no more updates are available, or the updates that are available are very expensive. Unfortunately, many healthcare systems worldwide lack the necessary funds to update their systems to the latest available version. As a result, some healthcare organisations continue to operate on legacy systems. Despite the risks these systems pose, they are what the organisation has available.
Why Do Hackers Target Healthcare Systems?
Cyber security attacks on the healthcare system keep increasing, which begs the question: why do hackers target healthcare systems? The answer is simple:
Less Protection
Despite their importance, healthcare organisations’ cyber security systems are more vulnerable than others due to the massive attack surface available. This means more attack windows are made available through the extensive use of IoT services, personal—often unprotected—devices to access patient data, and third parties that have access to the organisation’s database. The rise in the use of telehealth services, initially prompted by the spread of COVID-19, means more devices are connected to the organisation’s database, often without proper protection.
People Are More Likely to Pay
Cyber security attacks in healthcare systems can cost lives, as ironic as that may sound. For example, in the event of a ransomware attack, a surgeon might not be able to access a patient’s data to decide the best course of action for the case as quickly as possible. For this reason, hackers believe that the great cost of their attack will make the victim more willing to pay the ransom to regain access to the information. Sadly, such cases do happen.
High-Value Data
This data is PHI, or Protected Health Information, which includes personal patient information. PHI offers hackers a wide array of advantages; they can use it for identity theft or to commit insurance fraud. This means a single healthcare file can fetch more on the black market than stolen credit card or social security numbers.
Frightening Statistics About Cyber Security in the Healthcare System
Healthcare systems have been active targets for cyber attacks for years, with over 2,550 breaches of healthcare systems’ data over the past decade alone. Although these breaches are not listed among the biggest data breaches in the studies conducted, the sensitivity of the information in such systems makes them considerably more serious. Sadly, such a number means some of your personal information was probably stolen if you’ve been hospitalised in the past decade.
Studies have shown that hackers tend to target larger healthcare organisations or hospitals, as they have a wider range of possible data and attract more patients than smaller hospitals.
- Hospitals were the target of approximately 33% of major data breaches, according to recent cybersecurity reports. Ransomware and other forms of cyberattacks continue to focus on healthcare systems, with hospitals being prime targets due to the high value of patient data and the critical nature of healthcare operations.
- Healthcare organisations faced significant financial losses due to data breaches, with estimates placing these costs in the billions. For instance, the Ponemon Institute estimated annual losses of around $6.2 billion for the healthcare sector as of 2016. Global spending on healthcare cybersecurity between 2020 and 2025 is projected to reach $125 billion.
- Eighteen per cent of teaching hospitals reported experiencing data breaches, while 6% of pediatric hospitals reported the same. These percentages reflect the higher vulnerability of larger or more specialised institutions like teaching hospitals compared to others.
- Unauthorised access is the cause of 34% of cyber security attacks on healthcare systems, and over the past three years, this percentage has jumped to 162%. This upward trend emphasises the critical need for stronger cybersecurity measures within the healthcare sector.
- A single data breach incident in 2021 cost $9.3 million on average, representing almost a 30% increase from 2020. Compared to other sectors’ damages, which increased from $3.86 million to $4.24 million over the same period, healthcare organisations lost about three times more than other sectors.
- While healthcare data breaches are a significant source of identity theft due to the sensitive nature of medical records, they are not the sole cause. Identity theft incidents can also result from phishing scams, data breaches in other sectors, public records, and social media. However, healthcare data breaches can lead to more severe forms of identity theft, with criminals potentially using medical information to obtain fraudulent loans, insurance, or medical treatment.
- In February 2022 alone, 46 data breaches in healthcare systems affected 2.5 million people.
- According to the Coveware Quarterly Ransomware Report, the average cost of a ransomware attack in the first quarter of 2022 increased to $456,726. While there is no definitive data on whether hackers have specifically targeted smaller healthcare organisations more frequently in 2024, it’s plausible that they may be perceived as having weaker cybersecurity defences and fewer resources to invest in incident response.
- Over a year, between March 2021 and February 2022, 42 million records were exposed due to data breaches in healthcare systems. In March 2021, there was a total of 4.1 million records exposed, while in February 2022, there was a total of 2.2 million records exposed.
- The US healthcare system is estimated to incur $7 billion in losses annually due to stolen PHI.
- The risk of data breaches in the healthcare sector has increased in recent years, with the number and severity of incidents rising. This trend is driven by factors such as the growing sophistication of cyberattacks, the increasing volume of electronic health data, and the potential for significant financial and reputational damage. While it’s difficult to quantify the exact risk for individual medical records, healthcare organisations must remain vigilant to protect patient data.
- There’s more than a 25% expectation of a data breach the same size as the Anthem one, which compromised more than 80 million records. Unfortunately, cyber security attacks in the healthcare system occur more often than reported, and experts fear another major breach like the Anthem one is needed to effectively catch the authorities’ attention.
- Generally, 60% to 80% of total data breaches are unreported in all sectors, not only in the healthcare system.
- A single data breach in the healthcare system costs an average of $9.8 million in 2024, which is the highest average among all sectors but lower than 2023’s $10.9 million. Due to the millions of compromised records yearly, this average results in millions of losses.
- Many healthcare organisations still use legacy systems, which widens the attack scope. Statistics show that these systems come in third place as the threat facing the healthcare sector.
- Although internal causes of data breaches, such as negligence and human error, remain significant, recent trends show that external breaches like ransomware and hacking account for over 50% of healthcare data breaches. While human error is still a key factor in many breaches, external attacks have become the dominant cause. As a result, 66% of healthcare organisations continue to express concern over internal breaches, but the rise in external cyberattacks, particularly ransomware, has shifted the focus.
- In 2024, about 39% of healthcare organisations still take months to detect a breach, giving hackers ample time to exploit the compromised data. On average, it takes around 200 days for organisations to identify and contain a breach, significantly increasing the cost and damage caused. The healthcare sector, in particular, continues to face lengthy detection times due to various challenges, such as outdated systems and a shortage of cybersecurity talent.
- More than 30% of data breaches in the healthcare system fall into the category of identity theft and loss, compared to only 15% of all other sectors. Due to the lack of cyber security measures and massive amounts of available data, the healthcare system represents an easy target for hackers.
- Around 59% of breaches in the healthcare industry are linked to internal actors, highlighting the ongoing risk posed by human error and malicious insiders. This includes negligence, like mishandling sensitive data, and intentional actions by disgruntled employees. Additionally, human error remains a dominant factor, contributing significantly to breaches due to actions like the misdelivery of sensitive information.
- As of 2024, studies show that many healthcare professionals, especially older physicians, still struggle with recognising malware or cyberattacks due to unfamiliarity with evolving technology. While specific data on physician awareness is not as prevalent, it is estimated that around 15-25% of physicians may lack the knowledge to identify these threats. This knowledge gap is often linked to generational differences, with older physicians less adapted to modern cybersecurity measures. Efforts to improve cybersecurity training for healthcare professionals, especially in smaller practices, are ongoing due to the increasing frequency of cyberattacks targeting the healthcare sector.
- By 2023, healthcare systems faced around 60% of their attacks as ransomware incidents, a slight decrease from 66% in 2022. Data encryption after these attacks surged to 73% of cases. Although Cerber ransomware was prominent earlier, newer attack strategies, such as double extortion, where attackers encrypt and steal data, have become more common. About 37% of healthcare ransomware incidents in 2023 involved data encryption and theft, reflecting the growing sophistication of cyber threats in the healthcare sector.
- The Anthem breach occurred in 2015 and affected about 80 million people. Anthem eventually settled for $116 million, averaging $1.45 per person.
- The US will spend $14.5 billion on cyber security. North America’s market dominated the health cybersecurity market with 41%.
- Eighty-eight per cent of healthcare workers opened phishing emails. However, not all of them followed the malicious links or downloaded the attachments. Such a percentage raises the question of why healthcare workers receive phishing emails in the first place.
- The average cost of a healthcare data breach in 2024 was $9.77 million, compared to $10.93 million in 2023. This might be because records in other industries aren’t always comprehensive, which raises the value of PHI as it provides comprehensive information to commit identity theft.
- There’s a global shortage in cyber security jobs, and these jobs in the healthcare sector take 70% longer to fill than other sectors.
- More than 82% of healthcare organisations estimate the damages caused by insider sources. 21% of these damages result in legal liability, 40% in data loss, and 33% in operational disruption.
Sadly, cyber attacks on the healthcare system are only going to increase, especially with the high number of stored records raising the outcome of attacks for hackers. You can protect your own data and devices by having antivirus software, a password manager, and a VPN service.
FAQs
What are the most common types of cyberattacks targeting healthcare organisations?
The most common cyberattacks targeting healthcare organisations are ransomware attacks, phishing scams, malware infections, and denial-of-service (DoS) attacks.
How can healthcare organisations protect themselves from cyberattacks?
Healthcare organisations can protect themselves from cyberattacks by implementing strong access controls and authentication measures and regularly patching vulnerabilities in their software and systems. They can educate employees on cybersecurity best practices, including recognising phishing attempts and avoiding suspicious links, regularly backing up data, setting up a disaster recovery plan and considering investing in cybersecurity insurance to mitigate financial risks.
What are the consequences of a data breach in the healthcare sector?
A data breach in the healthcare sector can have disastrous consequences. These include financial losses due to fines, legal fees, remediation efforts, reputational damage, loss of patient trust, potential violations of HIPAA and other regulations and disruption of healthcare services.
What role does HIPAA play in healthcare cybersecurity?
HIPAA sets standards for the protection of patient health information (PHI).
Healthcare organisations must implement safeguards to protect PHI from unauthorised access, disclosure, or use. Non-compliance with HIPAA can result in significant fines and penalties.