Study Finds Rise In Cyberattacks on Healthcare Organizations in 2022

According to data released by Check Point, a cybersecurity solutions provider, there was a 38% increase in global cyberattacks in 2022, making it an especially difficult year for cybersecurity. Moreover, healthcare organizations experienced the greatest surge in attacks, with 74% more weekly occurrences than in 2021. This pushed the healthcare industry to third place in terms of the most targeted sectors, with 1,463 attacks per week. In the USA, healthcare was the second most attacked sector, registering 1,410 weekly attacks – an 86% increase compared to the previous year. Across all industry sectors, the US registered a 57% year-over-year increase in cyberattacks.

Cybercriminals are drawn to the healthcare industry due to the vast amount of financially valuable data that can be taken and the likelihood of extortion payments to keep stolen data from being released. In 2022, the threat landscape concerning ransomware attacks saw drastic changes. Large ransomware gangs shifted to smaller, nimbler cybercriminal groups that are harder for law enforcement to track. Additionally, businesses were targeted through a wider range of collaboration tools, such as Slack, Microsoft Teams, Google Drive and OneDrive, which provide access to valuable data that can be acquired through phishing attacks. Another upside for ransomware gangs is that they gain a great deal of publicity from attacks on hospitals, which only serves to increase their notoriety.

Tracking cyberattacks in healthcare can be difficult as there is no standardized reporting. The HHS only records hacking/IT incidents as data breaches, and many organizations do not disclose the exact nature of the attacks, such as if ransomware was involved. Check Point Research has indicated an increase in healthcare cyberattacks in the US, though not all of these attacks have resulted in data breaches. The Office for Civil Rights breach portal shows a slight decrease in reported data breaches compared to 2021. As of January 10, 2023, 701 data breaches of 500 or more records have been reported to the HHS in the past year, 13 less than the 2021 record-breaking total. Though the number of data breaches have declined slightly, the number of breached healthcare records has increased by 13.1%, making 2021 the second-highest year for breached records after 2015.

Healthcare organizations must remain vigilant about the threats posed by cybercriminals and continue to prioritize security. As the data security landscape continues to evolve, healthcare organizations must keep up with the latest trends in order to protect confidential data and prevent data breaches.