5 biggest healthcare security threats for 2021

Healthcare organizations can expect ransomware, botnets, cloud misconfigurations, web application attacks, and phishing to be their top risks.

healthcare data breach / medical patient privacy security violation
Leo Wolfert / Getty Images

Cyberattacks targeting the healthcare sector have surged because of the COVID-19 pandemic and the resulting rush to enable remote delivery of healthcare services. Security vendors and researchers tracking the industry have reported a major increase in phishing attacks, ransomware, web application attacks, and other threats targeting healthcare providers.

The trend has put enormous strain on healthcare security organizations that already had their hands full dealing with the usual volume of threats before the pandemic. “The healthcare industry is under siege from a range of complex security risks," says Terry Ray, senior vice president and fellow at Imperva. Cybercriminals are hunting for the sensitive and valuable data that healthcare has access to, both patient data and corporate data, he says. Many organizations are struggling to meet the challenge because they are under-resourced and rely on vulnerable systems, third-party applications, and APIs to deliver services.

Ray and other security experts identified multiple issues that present major threats to healthcare organizations. Here are five of them:

1. The rising ransomware threat

Ransomware has emerged one of the biggest cyber threats for the healthcare sector since at least the beginning of the global COVID-19 pandemic. Attackers have discovered that healthcare organizations delivering vital, life-saving treatments can be more easily extorted than ransomware victims in almost every other sector. Many healthcare organizations are also more susceptible to attacks because of new digital applications and services they have had to launch to address demand for telehealth services, contact tracing, and in some cases to support research activity around COVID-19 vaccines and treatment. Concerns over the trend prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to issue a rare warning to the healthcare industry last October.

To continue reading this article register now

Make your voice heard. Share your experience in CSO's Security Priorities Study.