Motive, Means, and Opportunity: Why Cybercriminals Target HDOs



Access the whitepaper here:



Healthcare Delivery Organizations (HDOs), including hospitals, clinics, and private practices, store valuable information and deliver essential services – two attributes that make them appealing targets to threat actors looking to steal patients’ medical records and deploy debilitating ransomware that disrupts critical patient care. In addition, HDOs rely on a multitude of digital information sharing processes with the government, other healthcare providers, and ultimately, with their patients. Unfortunately, the IT environment within an HDO is typically made up of a mix of IoT devices, legacy systems, and a diverse range of applications and software.

This makes it even easier for threat actors with minimal technical expertise to use ransomware-as-a-service models to deploy ransomware attacks. Plus, healthcare staff are focused on their mission critical goal of patient care and generally only have a basic security awareness of cyber threats, making it easy for threat actors to target them with carefully crafted phishing messages and bypass traditional security controls. As a result, HDOs operate under the constant threat of costly and disruptive cyberattacks. In fact, according to IBM’s Cost of a Data Breach Report 2023, the healthcare industry has reported the highest costs
out of all industries for the 13th year in a row.

Healthcare data breach costs have increased 53.3% since 2020 to an average of $10.93 million USD. As the organized cybercrime ecosystem continues
to evolve, the combination of motive, means, and opportunity—plus easy access to already-developed tools to execute attacks—has led cybercriminals to relentlessly target HDOs, resulting in an ever-increasing volume of attacks and a range of costly consequences.

Unlike many other industries, patient lives are literally at stake when HDO operations are disrupted by cyberattacks. Disruption of service including emergency care & clinical care, rescheduled surgeries, delayed outpatient care and postponed preventative checkups, all have operational and the potential for human costs.

In this report, we’ll explore the cyber threats against healthcare providers, why healthcare is a prime target for cybercrime operators and how healthcare organizations can manage their risk to reduce the likelihood and severity of cybersecurity incidents. As investment in cybersecurity is committed, it must be elevated to a board-level issue and discussed alongside other business imperatives including growth, continuity planning, and risk and governance, with regular metrics and reporting showing progress toward business outcomes.


Learn More about ESENTIRE, a Health-ISAC Navigator:




Translate »