Cybersecurity Trends and Threats in the Healthcare Sector
Health-ISAC’s Q3 2023 Healthcare Heartbeat provides observations of ransomware, cybercrime trends, and malicious actor forum postings that could potentially impact healthcare sector organizations. This product is for your situational awareness, and Health-ISAC recommends members affiliated with the victim companies
or those potentially impacted take appropriate measures to secure critical infrastructure.
If Health-ISAC becomes aware of an imminent threat to members of the healthcare sector, the information will be communicated directly with the impacted organization.
Health-ISAC will continue to monitor this activity and provide relevant updates when necessary. If you have any questions or comments, please email us at contact@h-isac.org. The TLP:GREEN version of the Healthcare Heartbeat is available for Members within the portal.
The White Paper Includes:
– Ransomware Attacks Against Healthcare
– Healthcare Sector Analysis: DICOM Exposure Statistics and RDP Exposure Statistics
– Healthcare Sector Statistics: Global Events Analysis
– Threat Actor Profile: BlackCat/ALPHV Ransomware Group
– Recommendations and References
Health-ISAC observed a continuous trend of cyber security incidents and data breaches impacting healthcare over 2021, 2022, and 2023. In 2021, according to Health-ISAC tracking, the average number of healthcare sector ransomware incidents per quarter was 30. In 2022, that number rose slightly to over 32 per quarter. In contrast, the number of ransomware incidents in the healthcare sector in 2023 has increased dramatically, largely due to the Progress MOVEit file transfer vulnerability.