Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Profile
    • Privacy & Cookie Policy
    • Terms of Use
    • Contact Us
    • Advertising
    • Submit Post
    • Latest News
    • Research Reports
    • Press Release
    • Awards▾
      • About the Awards
      • Awards TimeTable
      • Submit Nominations
      • Testimonials
      • Media Room
      • Award Winners
      • FAQ
    • Magazines▾
      • Global Banking & Finance Review Magazine Issue 79
      • Global Banking & Finance Review Magazine Issue 78
      • Global Banking & Finance Review Magazine Issue 77
      • Global Banking & Finance Review Magazine Issue 76
      • Global Banking & Finance Review Magazine Issue 75
      • Global Banking & Finance Review Magazine Issue 73
      • Global Banking & Finance Review Magazine Issue 71
      • Global Banking & Finance Review Magazine Issue 70
      • Global Banking & Finance Review Magazine Issue 69
      • Global Banking & Finance Review Magazine Issue 66
    Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

    Global Banking & Finance Review® is a leading financial portal and online magazine offering News, Analysis, Opinion, Reviews, Interviews & Videos from the world of Banking, Finance, Business, Trading, Technology, Investing, Brokerage, Foreign Exchange, Tax & Legal, Islamic Finance, Asset & Wealth Management.
    Copyright © 2010-2026 GBAF Publications Ltd - All Rights Reserved. | Sitemap | Tags | Developed By eCorpIT

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    Home > Technology > A matter of life or death: security challenges for the healthcare industry
    Technology

    A matter of life or death: security challenges for the healthcare industry

    Published by Jessica Weisman-Pitts

    Posted on October 20, 2021

    5 min read

    Last updated: January 29, 2026

    An image depicting business professionals discussing embedded finance strategies. This reflects the article’s focus on how companies innovate payment solutions and enhance customer relationships.
    Business professionals analyzing embedded finance solutions for enhanced customer engagement - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Quick Summary

    Healthcare cybersecurity is critical, with rising ransomware attacks and nation-state threats. Protecting patient data is paramount.

    Healthcare Security Challenges: A Matter of Life or Death

    By Robert Golladay, EMEA and APAC director at Illusive

    According to the 2020 IBM Cost of a Data Breach Report, the monetary cost of recovering from a cyberattack is significantly higher for healthcare organisations than for companies operating in any other sector. The price tag increased by 10% between 2019 and 2020 and currently sits at around $7.13 million.

    But more concerning than monetary losses is the human cost that a successful cyberattack targeting healthcare providers can have. In the November of 2020, German officials attempted to prove that the death of a patient was the direct result of a ransomware attack that shut down a hospital’s infrastructure and forced medics to turn the ambulance away, thus delaying life-saving treatment.

    Since the Wannacry ransomware attack against the UK’s National Health Service in 2018, the specter of cyberattacks has loomed large on healthcare institutions. Whether it’s a data breach that exposes patients’ information or a more dangerous ransomware attack that encrypts data and renders systems unusable, healthcare providers have no margin of error when it comes to defending against cyber threats.

    But as breaches continue to occur, we are forced to look at the inherent flaws of most healthcare institutions’ approaches to threat defence. In this article, we will explore the most common threats facing hospitals and healthcare providers, as well as the paradigm shift that is necessary to equip these organisations against cybercriminals.

    Looking for a quick buck: ransomware

    Ransomware attacks are rampant across all sectors, but a recent report by Checkpoint Security revealed that this type of attack is of particular concern for healthcare institutions. In January 2021, ransomware attacks against healthcare orgs had jumped about 45% since early November the previous year. The spike followed an alarming 71% increase in the October of 2020. According to the same report, at the beginning of this year healthcare providers were facing an average of 90 attempted attacks every single day.

    The reason behind cybercriminal’s determination to breach the security of hospitals and healthcare providers is simple: leverage. There is nothing that will motivate a victim to pay up more than endangering the health and safety of individuals. Furthermore, the value of medical information is even higher than other types of personal identifiable information. Double-extortion ransomware, whereby threat actors steal data before encrypting their target’s systems, has become the norm among cybercriminal gangs. This allows them to monetise on their efforts twice, first by asking for a payment to decrypt the data and then by threatening to publicly release the stolen information.

    Nation-state sponsored espionage and disruption

    The Covid-19 pandemic launched nations into something like a new “space race”, with foreign powers competing to triumph over therapy, prevention, and vaccine development. Already valuable clinical trial and research data became even more appealing to state-sponsored threat groups, so much so that in early October 2020, Philadelphia-based medical software company eResearch Technology was hit with a ransomware attack believed to have been orchestrated by a nation-state actor. In that instance, attackers were able to shut down a number of clinical trials eResearch Technology provided tools to.

    IoT and operating systems

    Medical devices, just like operational technology, run an operating system. When these machines are connected to the network, they can be targeted by an attacker motivated to disrupt normal functionality.

    Thankfully, an attack on an MRI machine or an insulin pump hasn’t been recorded yet, but proof of concept demonstrations have been conducted by well known hackers, who have proven that this eventuality is not as far-fetched as it seems.

    The matter is made worse by the fact that the OS running on these machines is often locked in, meaning that it can’t be patched, and agents-based endpoint security solutions, such as EDR, can’t be deployed on them.

    How deception helps

    Attackers might dispose of sophisticated tools and tactics, but the secret to beat threat actors is to think like them. Rather than repeating the somewhat depressing mantra about organisations having to be right all the time while bad actors only need to be right once, we need to shift security postures to make sure we make it too time-consuming and expensive for a hacker to launch an attack.

    Improving detection capabilities is a key component of shifting this paradigm, and deception can be an invaluable tool to achieve it. Rather than limiting detection capabilities at the endpoint level, and rather than relying solely on signatures, deception allows organisations to stop lateral movement, even when other layers of defence have failed. By distributing deceptions that mimic genuine IT assets throughout the network, attackers are essentially trapped in a net of fake connections that will trigger an alert if an exploit is attempted. Instead of relying on traditional signatures, deception technology alerts are generated by real attacker movements within a network.

    Alerts are generated in real time, meaning that the IT team will know about an attack as it starts unfolding and will be able to mitigate the incident before any critical system can be accessed.

    As threats continue to mount for organisations in the healthcare sector, understanding the mindset of an attacker and implementing a strategy that can flag suspicious behaviour in real time, whether around or within the perimeter, is literally a matter of life or death.

    Key Takeaways

    • •Healthcare faces higher cyberattack costs than other sectors.
    • •Ransomware attacks on healthcare have surged by 45%.
    • •Nation-state actors target valuable clinical trial data.
    • •IoT devices in healthcare are vulnerable to attacks.
    • •Double-extortion ransomware is a growing threat.

    Frequently Asked Questions about A matter of life or death: security challenges for the healthcare industry

    1What is the main topic?

    The article discusses cybersecurity challenges in the healthcare industry, focusing on ransomware and data breaches.

    2Why are healthcare organizations targeted?

    Healthcare organizations are targeted due to the high value of medical data and the critical nature of their services.

    3What are double-extortion ransomware attacks?

    Double-extortion ransomware involves stealing data before encrypting systems, demanding payment for decryption and to prevent data release.

    More from Technology

    Explore more articles in the Technology category

    Image for Debtist: Digital Debt Collection for Modern Businesses
    Debtist: Digital Debt Collection for Modern Businesses
    Image for Infosecurity Europe launches new Cyber Startup Programme to champion the next generation of cybersecurity innovators
    Infosecurity Europe launches new Cyber Startup Programme to champion the next generation of cybersecurity innovators
    Image for BLOXX Launches ĀRIKI BLOXX at Web Summit Qatar
    BLOXX Launches ĀRIKI BLOXX at Web Summit Qatar
    Image for Engineering Trust in the Age of Data: A Blueprint for Global Resilience
    Engineering Trust in the Age of Data: A Blueprint for Global Resilience
    Image for Over half of organisations predict their OT environments will be targeted by cyber attacks
    Over half of organisations predict their OT environments will be targeted by cyber attacks
    Image for Engineering Financial Innovation in Renewable Energy and Climate Technology
    Engineering Financial Innovation in Renewable Energy and Climate Technology
    Image for Industry 4.0 in 2025: Trends Shaping the New Industrial Reality
    Industry 4.0 in 2025: Trends Shaping the New Industrial Reality
    Image for Engineering Tomorrow’s Cities: On a Mission to Build Smarter, Safer, and Greener Mobility
    Engineering Tomorrow’s Cities: On a Mission to Build Smarter, Safer, and Greener Mobility
    Image for In Conversation with Faiz Khan: Architecting Enterprise Solutions at Scale
    In Conversation with Faiz Khan: Architecting Enterprise Solutions at Scale
    Image for Ballerine Launches Trusted Agentic Commerce Governance Platform
    Ballerine Launches Trusted Agentic Commerce Governance Platform
    Image for Maximising Corporate Visibility in a Digitally Driven Investment Landscape
    Maximising Corporate Visibility in a Digitally Driven Investment Landscape
    Image for The Digital Transformation of Small Business Lending: How Technology is Reshaping Credit Access
    The Digital Transformation of Small Business Lending: How Technology is Reshaping Credit Access
    View All Technology Posts
    Previous Technology PostThe three technologies driving the future of accounting
    Next Technology PostDHL to operate Honor’s smart devices distribution hub for Middle East and Africa