Hackers Don’t Need a Scalpel
Imagine that you're in the middle of a surgery. Monitors are blinking. A ventilator is keeping rhythm. Suddenly, everything freezes. Not from a power outage, but from a cyberattack.
Welcome to CyberHygiene, my weekly newsletter, where I share tips and actionable data to help everyone stay safe online.
First time seeing this? Please subscribe
In 2024, the healthcare sector faced a historic wave of cyberattacks, with over 170 million protected health records breached, the highest number ever recorded in a single year. The ransomware attack on Change Healthcare alone disrupted hospitals and pharmacies across the country, exposed the data of nearly 100 million people, and cost UnitedHealth an estimated $2.9 billion. In total, 181 healthcare networks were hit by ransomware, and 92% of healthcare organizations reported at least one incident. These weren’t just technical failures. They halted surgeries, locked providers out of electronic records, and in some cases, contributed to patient deaths. The numbers tell a grim story: healthcare is no longer just a target of opportunity, it’s a battlefield.
💸 The True Cost of Cyber Incidents in Healthcare
🧰 The Threats Are in The Tools
Healthcare professionals rely heavily on digital tools, each bringing its own cybersecurity risks.
Electronic Health Record (EHR) and Electronic Medical Record (EMR) systems are often built on legacy infrastructure, making them vulnerable to attacks due to delayed patching and weak access controls.
Connected medical devices, many of which run outdated or unsupported software, are increasingly targeted by malware campaigns like Medjack which exploit their limited security protections.
Telehealth platforms and remote access tools, widely adopted during and after the pandemic, have become common entry points for cybercriminals using phishing or credential stuffing.
Even cloud-based billing and insurance systems are not exempt. In February 2024, the ransomware attack on Change Healthcare linked to the BlackCat ALPHV group disrupted hundreds of healthcare providers across the U.S.
Each of these technologies, while essential for modern care delivery, also expands the attack surface making cyber hygiene, secure configurations, and regular audits critical for protecting sensitive systems and patient data.
🧑⚕️ And in the Human Factor
cybersecurity challenges for healthcare professionals. Phishing attacks, social engineering, and weak password habits are still the easiest ways for attackers to get unauthorized access. Even with security training, many healthcare workers fall for carefully disguised emails or scam calls that trick them into sharing credentials or installing malware.
The fast-paced healthcare environment also leads to shortcuts like sharing passwords or skipping multi-factor authentication to save time, which unfortunately opens the door to cybercriminals. Insider threats, whether intentional or accidental, add to the risk, showing how important it is to build a strong culture of security among all staff.
Tackling the human factor means ongoing education, clear policies, and regular phishing tests to keep cybersecurity on everyone’s mind. Giving healthcare professionals the right knowledge and tools is just as important as securing the technology itself.
Video by: Why is health care cybersecurity so bad? By Brittany Trang @STAT
🧨 Biggest Cyber Threats Facing Healthcare Professionals
Ransomware
5,263 large-scale attacks globally in 2024; 153 countries affected. Healthcare faced record payouts: e.g., $50 million (Synnovis), $100 million (India RCC), and $22 million paid to BlackCat
Phishing & BEC
Over 193,000 phishing reports in 2024, leading to over $70 million in losses; combined with BEC, phishing is the dominant vector.
Data breaches:
550 hacking/IT incidents affected 166 million people in 2024, with Change Healthcare incident alone affecting ~100 million and accounting for 55% of total breach victims.
Supply‑chain & third‑party/vendor breaches:
Over 75% of major healthcare breaches are through vendor breaches .
IoMT & medical‑device hijacking (“Medjack”)
Outdated devices with weak security are highly vulnerable, allowing attackers to pivot deeper into hospital networks.
🤖 How AI Is Making Things Worse
AI has supercharged cybercrime. Tools like ChatGPT clones or custom-trained language models help attackers write convincing phishing emails, impersonate patients or staff, and automate scams at scale.
Deepfake technology is now used to mimic voices in phone calls or create fake video consultations, tricking healthcare professionals into sharing sensitive information or approving fraudulent transactions.
AI-driven malware can learn from a system's behavior, adapt to security measures, and evade detection more effectively than traditional code.
Even social engineering is evolving. Attackers now use AI to analyze public data and craft personalized attacks that feel real and urgent.
While AI also offers defensive potential, right now it’s tipping the scale in favor of cybercriminals faster, cheaper, and harder to detect.
🔐 How Healthcare Professionals Can Protect Themselves
What resources are available to help protect Healthcare professionals against cybercrimes?
📚Books
Cybersecurity in Healthcare: A National Study of HIPAA Implementation (2022) by Dr. Mansur Hasib
Stop The Cyber Bleeding: What Healthcare Executives and Board Members Must Know About Enterprise Cyber Risk Management by Bob Chaput
Do No Harm: Protecting Connected Medical Devices, Healthcare, and Data from Hackers and Adversarial Nation States by Matthew Webster
🎙️ Podcasts
In Scope - The Healthcare Security Podcast by Mike Murray @Scope Security
The Med Device Cyber Podcast by Christian Espinosa @Blue Goat Cyber
HEAL Security - Cybersecurity Threat Intelligence by HEAL Security
▶️ Videos
Why is health care cybersecurity so bad? By Brittany Trang @STAT
🛠️ Tools
🔮 What’s Coming Next?
Cyber threats in healthcare are accelerating, not easing. Ransomware is growing more targeted, phishing is more personalized, and AI is making attacks faster, cheaper, and harder to detect. Smaller practices are becoming prime targets and critical medical devices are entering the cybercriminal crosshairs. The financial, operational, and clinical cost will continue to rise unless action is taken.
But with proactive cyber hygiene, smarter systems, and stronger coordination between providers, vendors, and regulators, the tide can turn. The future of healthcare depends not just on innovation in medicine but in cybersecurity.
Stay prepared. Stay protected.
Subscribe and Comment.
Copyright © 2025 CyberMaterial. All Rights Reserved.
This article was written by Marc Raphael with the support of:
Team CyberMaterial and Team 911Cyber
Follow us on:
Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, Youtube, and Medium.