Amidst the coronavirus pandemic, cyber attacks on healthcare and hospital systems have spiked. In 2021, 42% of healthcare delivery organizations (HDOs) reported having contended with ransomware attacks across the past few years. More than 33% of HDOs attributed those ransomware incidents to a third-party catalyst.

The importance of ransomware attacks on hospitals and healthcare

Right now, admissions to hospitals are rising due to an increase in coronavirus cases. The US CDC suggests that hospital admissions will trend reach between 9,600 and 36,000 persons per day in the days ahead. Although hospital admissions may no longer represent the best means of gauging the coronavirus crisis, they indicate that a cyber attack would be an unwelcome emergency.

Emergency rooms in healthcare facilities are operating beyond capacity. Further, children’s hospitals in some states are on track to be 100% full within seven days. A disruptive ransomware attack in this context could massively increase suffering among an unstable group.

It’s not only coronavirus patients who may be affected by ransomware attacks on hospitals. More broadly, ransomware attacks directed towards hospital and healthcare systems can lead to problems for heart patients, transplant recipients, and persons with emergencies of other kinds. In addition, cyber disruptions can lead to millions of dollars worth of damage.

How ransomware affected Eskenazi Health

Days after a ransomware attack on Indianapolis-based health foundation Eskenazi Health, ambulances continued to see diversions to unaffiliated hospitals. Although the compromised group continued to accept patients who independently arrive at emergency room entrances, network disruptions remained ongoing.

The attack manifested in the early hours of the morning on a Wednesday, stated hospital representatives. IT teams shut down the network “out of an abundance of caution.” Systems were relaunched gradually.

Representatives could not offer information regarding when ambulances could return to their regular routes.

The Office for Civil Rights reports that the healthcare sector is one of the most targeted and has made recommendations for methods that can better protect healthcare industry systems. “Implementing effective security tools including anti-malware software and intrusion detection/prevention solutions can also help prevent, detect, and contain attacks.”

The common threats

One of the prolific ransomware gangs that target hospitals is known as Ryuk. Previously, this group used the moniker, the “Business Club.” In 2020, this group’s ransomware accounted for a third of the 203 million ransomware attacks carried out and directed towards US groups. Cyber security experts state that Ryuk operators raked in at least $100 million in extortion profits last year.

Ways to protect hospitals and healthcare

Among many healthcare industry groups, healthcare cyber security is in “critical condition.” A survey indicates that 70% of hospitals have contended with a “significant security incident,” within the past two years.

Many healthcare groups adopt new technologies on a regular basis. However, those same groups often forget to or fail to set aside budget in order to protect these new assets. In turn, the new tech represents new avenues for attack. It expands the attack surface.

In the US, the average hospital retains 10-15 Internet of Medical Things (IoMT) devices per bed. It’s relatively easy for hackers to tamper with these devices. Or to use them as a means of accessing your network. In other words, IoMT devices present tremendous opportunities for attack. Protecting patients, data, systems and resources means protecting IoMT in-full.

Protecting patient health records also matters. Around the world, patients have begun to bring forth lawsuits against organizations that have failed to adequately safeguard their data. Prevent sophisticated generation 6 cyber security attacks in your cloud environment.

It goes without saying that networks security products are also part of the new normal. Despite existing network protections, there might be more that your organization can do in order to prevent network attacks. And ensuring adequate endpoint and mobile protections can also function to protect your network.


Ransomware attacks on hospitals could turn into an emergency. That said, organizations have the opportunity to prevent this outcome. Address vulnerabilities in order to avoid ransomware attacks. Let’s work together to avoid a cyber pandemic.

For more information about protecting IoMT, check out our Buyer’s Guide, here. In addition, see below for helpful healthcare resources:

Lastly, if you’d like to receive more information about ransomware attacks on hospitals -or similar content- in the future, sign up for the Cyber Talk newsletter, here.