Healthcare organizations are facing a growing threat from cyberattacks, with ransomware groups taking advantage of vulnerabilities in critical infrastructure. According to a recent report from Veriti, nearly 400 U.S. healthcare organizations reported incidents involving ransomware operators like LockBit 3.0, ALPHV/BlackCat, and BianLian in 2024.
The report also revealed that many healthcare organizations lack the confidence, policies, and technologies needed to detect and prevent breaches. Endpoint misconfigurations were identified as a significant risk, with a large number of systems unable to quarantine malicious files, making them more susceptible to ransomware encryption.
Misconfigured recovery processes were also found to worsen the situation, with attackers being able to disable volume shadow copies and recovery tools on 22% of hosts. Additionally, vulnerabilities in medical devices and protocols like DICOM pose opportunities for data theft and unauthorized access.
Oren Koren, co-founder and CPO of Veriti, highlighted the challenges posed by the rise of IoT devices, AI integration, and cloud-based systems. He expressed concern over the fact that vulnerabilities are not being patched, leaving healthcare organizations at risk of continued ransomware attacks.
In response to these evolving threats, healthcare organizations are focusing on virtual patches and disaster recovery plans. Koren emphasized the need for innovative control measures to address future threats and predicted that IoT threats would continue to evolve in 2025.
He also stressed the importance of enhanced intelligence sharing for rapid responses to emerging threats, emphasizing pre-breach hardening as a central approach. Healthcare organizations are increasingly turning to Zero Trust and micro-segmentation for security, as well as proactive threat management.
In an effort to support healthcare organizations in strengthening their cybersecurity defenses, a healthcare cybersecurity bill has been introduced to provide grants for prevention and response efforts. The Administration for Strategic Preparedness and Response is also seeking feedback through surveys and task group evaluations to assess and enhance the cybersecurity readiness of public health organizations.
As healthcare organizations work to defend themselves against a growing number of cyber threats, it is crucial that they prioritize cybersecurity measures to protect patient data and ensure the security of their systems.
