
Hospitals Under Siege: Cyberattacks Threaten Patient Safety
WASHINGTON, D.C., 14 April 2025 – Health care, once purely a sector of healing, is now at the beginning of a digital war. In recent months, warnings from organizations such as the American Hospital Association (AHA) and Health-ISAC have highlighted a worrying trend: the health industry faces an unprecedented increase in cyber threats. Even without a confirmed terrorist conspiracy, the mere ringing of threats can trigger real-world violations.
Why are health organizations prime targets for cyber attacks?
The answer lies in a dangerous combination of high stakes and weak preparation. According to Dirk Schrader, a Texas security expert, hospitals are “labour-intensive organizations using highly regulated digital assets”, with staff turnover, obsolete technology and immense pressure making them ripe for exploitation. Add to this the value of patient data – considered up to 50 times more lucrative than credit card information – and it is not surprising that publicly supported ransomware and hackers circle like vultures.
According to cybersecurity reports from 2024, more than 80 per cent of health care providers suffered at least one attack. These are not just inconveniences – they are often catastrophic. Ransomware has frozen electronic health records (EHR), interrupted surgical operations and even diverted ambulances. A ransomware attack on a South Florida blood bank in July 2024 created a shortage of platelets throughout the state, delaying rescue operations. The impact went beyond inconvenience – it was a public health crisis.
What are the most common cyber threats to health care?
While ransomware still reigns as the most devastating threat, it rarely acts alone. It often arrives by way of fake emails – misleading messages crafted to deceive employees into clicking on malicious links or handing over credentials. Greg Young, vice president of cybersecurity at a Texas company, noted that phishing is often the point of entry, calling it “the door of ransomware”.
But today’s cyber attacks are much more layered than simple file encryption. The new trifecta – or “triple game” – used by hackers involves encrypting systems, stealing data and directly threatening patients. Essentially: “We have blocked your systems, we have your data, and if you do not pay, we will leak it – or worse, we will use it.”
Another growing concern? Compromised imaging systems. More than 2,500 U.S. hospital picture archiving and communication systems (PACS) are connected to the Internet. Research cited by Schrader suggests that almost 15% of these systems do not receive basic protection. Hackers can access scans, alter images and potentially mislead surgeons during critical procedures, a chilling possibility.
How can cyber attacks directly affect patient care?
When cyber attacks hit, collateral damage is not just digital – it’s human. Surgeons lose access to data in real time. ICU machines can fail. Laboratory systems stall. In a well-documented attack in 2023, the BlackCat ransomware gang published sensitive patient photos online when a hospital refused to pay. Imagine recovering from surgery only to find your private images circulating on the dark web.
Worse still, attackers could manipulate medical devices or patient records. Changed dosage information or an altered radiology image could not only lead to a misdiagnosis, but also be fatal. As Schrader said, surgeons could soon face chilling dilemmas: “Do you perform an operation knowing that the data can be compromised?”
How is hospital cybersecurity faring in 2025?
It is not enough to slap antivirus software on a few laptops and call it a day. According to experts, modern defence requires a cautious, proactive and deeply integrated approach:
- Zero-Trust Architecture: Every user and device must be verified each time they access hospital systems. Trust is earned, not assumed.
- Endpoint Detection and Response (EDR): These tools monitor unusual behavior in devices, alert security teams, and quarantine infected systems before the damage spreads.
- Network Segmentation: Separating networks by sensitivity prevents attackers from jumping across systems. MRI machines don’t need to be on the same network as public Wi-Fi.
- Identity and Access Management (IAM): Only authorized personnel should access specific systems. A receptionist doesn’t need access to infusion pump controls.
- Information Sharing: Hospitals should collaborate, sharing details of threats and responses. A breach in one system can serve as a warning for the rest.
Q: How can surgeons help prevent cyber attacks?
A: Surgeons are not mere spectators in this battle – they are on the front lines. Given their role as heavy users of sensitive data, they must champion best practices. Regular training, prudent digital behaviour and open communication with IT teams are essential. As Schrader said: “To reduce the need to protect data with the need to access it.”
Surgeons should treat cybersecurity simulations like surgical simulations: routine, essential and life-saving. This includes recognizing phishing attempts, reporting suspicious emails and resisting the temptation to connect personal devices to workplace systems.
Q: What happens when cybersecurity fails?
A: The consequences spread far and wide. Hospitals face financial fallout from ransom payments, lawsuits and reputational damage. Patients lose confidence and sometimes access to care. Perhaps the most worrying thing is the human toll: delayed procedures, missed diagnoses, lives in danger.
In a recent case, a cyberattack caused a leadership shake-up. A survey conducted in 2024 found that 21% of non-compliant health facilities had replaced executives, compared to only 13% in other industries. The axe often falls unfairly on IT leaders who have inherited outdated systems and insufficient budgets.
Are hospitals doing enough to adapt?
There is progress, but it is not uniform. Some institutions have adopted zero-trust models and regular security audits. Others, starved by funding shortfalls and burdened by existing systems, remain dangerously exposed. As Young pointed out, many IT departments remain “in the basement” – both literally and figuratively.
And while awareness grows, especially among leaders, implementation is lagging behind. For cybersecurity to be truly integrated into the health culture, it must be prioritized at all levels, from the C-suite to the surgical suite.
Q: What is the next step for eHealth security?
A: Expect cyber threats to become more personalized, persistent and punishing. With artificial intelligence tools in the hands of cyber criminals, phishing attacks will be smarter. Social engineering tactics will become more convincing. The threat landscape will only intensify.
However, hope is not lost. Collaborative intelligence networks, real-time threat sharing and advanced defence protocols can give hospitals a fighting chance. Surgeons, administrators and technical teams must be united behind one goal: to preserve not only the data, but also the dignity, safety and life of the people they serve.
Because in the end, it’s not just a cybersecurity story – it’s a patient safety story. And the stakes couldn’t be higher.