Health Care: Cyber Attacks, Worrying Trends and Solutions

Health Care: Cyber Attacks, Worrying Trends and Solutions

  • 23.03.2025 09:44
  • govtech.com
  • Keywords: Cyber Threats, Data Breach, Ransomware, Hospitals, Health Care

Cyber attacks on healthcare facilities are surging, causing financial losses and threatening patient lives. Hospitals face increased threats like ransomware, disrupting care and eroding trust in health systems. Collaborative efforts aim to enhance security and address these critical challenges.

Microsoft ServicesMicrosoft ReportsMSFTsentiment_satisfied
open_in_newOriginal article

Estimated market influence

HealthEquity

Negativesentiment_dissatisfied
Analyst rating: N/A

Sank 20% after missing profit estimates and dealing with increased cyber threats and fraud attacks.

Change Healthcare

Negativesentiment_dissatisfied
Analyst rating: N/A

Experienced data breaches in 2024.

Kaiser Foundation Health Plan

Negativesentiment_dissatisfied
Analyst rating: N/A

Experienced data breaches in 2024.

Ascension Health

Negativesentiment_dissatisfied
Analyst rating: N/A

Experienced data breaches in 2024.

Concentra Health Services

Negativesentiment_dissatisfied
Analyst rating: N/A

Experienced data breaches in 2024.

Centers for Medicare and Medicaid Services (CMS)

Negativesentiment_dissatisfied
Analyst rating: N/A

Experienced a breach due to WPS using MOVEit Transfer solution.

Wisconsin Physicians Service Insurance Corporation (WPS)

Negativesentiment_dissatisfied
Analyst rating: N/A

Involved in the CMS data breach through their file transfer software.

Progress Software

Negativesentiment_dissatisfied
Analyst rating: N/A

Their MOVEit Transfer solution was used in the WPS data breach.

Microsoft

Microsoft

Positivesentiment_satisfied
Analyst rating: Strong buy

Published a white paper on rural health cybersecurity threats and solutions.

Midwest Hospital Cybersecurity Collaborative (MiHCC)

Positivesentiment_satisfied
Analyst rating: N/A

A group of Midwest hospitals collaborating to fight cybercrime through various initiatives.

Context

Health Care: Cyber Attacks, Worrying Trends and Solutions

Key Facts and Data Points

  • HealthEquity's Stock Drop: Shares of HealthEquity fell 20% in a single day due to increased cyber threats and fraud attacks.
  • Cyber Threats on Healthcare:
    • Ransomware attacks on healthcare facilities have surged by 300% since 2015.
    • The number of individuals affected by health-care data breaches has risen considerably, despite a slight reduction in the number of reported breaches.
  • Notable Breaches in 2024:
    • Change Healthcare
    • Kaiser Foundation Health Plan
    • Ascension Health
    • HealthEquity
    • Concentra Health Services
    • Centers for Medicare and Medicaid Services (CMS) via WPS using Progress Software’s MOVEit Transfer solution.

Market Implications

  • Financial Impact:

    • Cyber attacks are causing significant financial losses for healthcare providers, with companies like HealthEquity struggling to meet profit estimates.
    • Ransomware demands have become a critical expense for hospitals aiming to avoid patient care disruptions.

  • Patient Outcomes:

    • Ransomware attacks have led to a 300% increase in emergency cases, including strokes and cardiac arrests, at overwhelmed hospitals.
    • A study found that neighboring hospitals saw an 81% surge in cardiac arrest cases following ransomware attacks, with survival rates declining.

  • Supply Chain Disruptions:

    • Cyber attacks extend beyond hospitals to disrupt the broader biomedical supply chain, further straining healthcare systems.

Competitive Dynamics and Strategic Considerations

  • Pooling Resources:

    • The Midwest Hospital Cyber Collaboration (MiHCC) is an example of how hospitals are collaborating to enhance cybersecurity through shared expertise and resources.

  • Cybersecurity Frameworks:

    • Establishing long-term cybersecurity frameworks is critical for measuring improvement over time, as highlighted by Jack Kufahl, Chief Information Security Officer at a Midwest hospital system.

Regulatory and Long-Term Effects

  • Regulatory Gaps:

    • The U.S. Department of Health and Human Services (HHS) has not fully implemented recommended cybersecurity policies, leaving gaps in tracking ransomware-specific practices and IoT/operational technology risks.

  • Long-Term Risks:

    • Cyber attacks on healthcare systems pose significant risks to patient trust, care quality, and systemic resilience.
    • The financial burden of cyberattacks could strain hospital resources, potentially affecting the quality of care provided.

Conclusion

The surge in cyber attacks on healthcare facilities highlights the urgent need for robust cybersecurity measures, collaboration between institutions, and stronger regulatory oversight. The financial, operational, and patient safety implications underscore the critical importance of addressing these threats comprehensively to ensure the integrity and resilience of global healthcare systems.