Understanding Cybercrime Against Healthcare Organisations | Spector

Understanding Cybercrime Against Healthcare Organisations

Cybercrime against healthcare organisations - doctors in surgery room next to several computers and medical equipment
Photo by Piron Guillaume on Unsplash

Reading Time: 5 Minutes
Cybercrime is a growing issue affecting most industries and organisations today. It’s a widespread threat that affects most of us, but since 2015 healthcare has become one of the primary industries targeted by cybercriminals. In this article, we’ll explore why cybercrime against healthcare is such a big issue, discuss some of the high-profile attacks we’ve seen in recent years and provide advice on how you can protect your practice.

Cybercrime against healthcare organisations as a topic is often discussed, as seen in these articles by Forbes, Securiwiser and Hospital Careers.

The knowledge found in this article will help you take action and improve your practice’s cybersecurity. However, to make sure your data is compliant and secure, it’s always best to talk to a specialist technology partner. Read on, and don’t hesitate to get in touch if you’re looking for tailored solutions or have any questions for our engineers.

High-Profile Cyberattacks against healthcare

Cybercrime against healthcare organisations is common at every level, ranging from small local clinics to some of the world’s most well-established institutions. In the past five years, the world has been shocked by how some cyber attacks managed to shut down respectful organisations.

In 2017 the UK’s NHS was struck by the WannaCry attack. This piece of malware infected over 230,000 computers across 150 countries in only one day. There and then, the world learned about the dangers of ransomware.

In 2018 hackers breached the Singapore government’s health database with a targeted cyber-attack, accessing the data of 1.5 million patients.

And in 2021, we all heard about the ransomware attack at the HSE. We cover it in more detail in this article.

These are only some of the most famous and reported cases, but there have been thousands of attacks on smaller organisations. The point is that criminals are continually targeting healthcare institutions, and it’s not expected that they’ll go away anytime soon.

Why are Cybercriminals targeting healthcare organisations?

There are many reasons why cybercrime against healthcare organisations is continually increasing in frequency. The number one reason is the value of the data held by institutions in this space. 

Patients’ data is highly sensitive as it contains social security and identification digits that could be exploited by criminals – as we’ll explain later in this article. They could steal and sell this data to other criminals and make money even if they didn’t cause direct financial damage to the organisations.

But that’s not usually the case! Criminals know that this is business-critical data, and most healthcare practices wouldn’t be able to operate without their data and technology. So when they do breach into an organisation in this space, they’ll do their best to lock their systems and data to disrupt operations. Picture an entire hospital virtually unable to function because of this. Frightening! Especially for the board executives, who are willing to pay whatever is asked to get back on track as quickly as possible.

Healthcare is considered critical infrastructure, just like water and electricity, making it highly attractive to criminals. The difference is that healthcare providers have more exploitable vulnerabilities than other infrastructure agents.

Cybercrime against healthcare continues to thrive because of these vulnerabilities. Medical devices, for one, usually are not developed with security in mind and are not frequently patched with security updates. A criminal may learn how to exploit one of these devices with much more ease than an up to date laptop, for example, and use it to breach the network. IoT devices, such as wearables and fitness trackers also contribute to this risk.

Operations at healthcare providers are often decentralised, which creates more openings for criminals. There could be several users in different access levels, multiple networks, platforms, accounts, suppliers and devices – and if only one of these is compromised, the risk for a cyber attack is genuine!

Now you understand why cybercrime against healthcare organisations continues to lead the charts. Next, we’ll explore some of the most common risks and basic steps you can take to improve your overall security.

Understanding The Most Dangerous Cybercrime Against Healthcare

Cybercrime comes in many shapes and forms, but these are some of the most common and dangerous threats posed to healthcare organisations. We’ll briefly go over each of them, and you may find more details and information in their dedicated links.


Ransomware is a nefarious type of malware that encrypts your data and then demands a ransom payment in cryptocurrencies, such as Bitcoin, to allow people to access it. It can spread to other devices in your network and even lock your backup disks. Once active, it can be extremely tough to stop. 

The best way to prevent it is to have separate backup copies in remote locations. Learn all about this type of crime in our Complete Guide: Ransomware – how it happens and how to stop it.

Data Breach

A Data Breach happens when a criminal is able to access a company’s private data, be it regarding their customers, partners, projects, suppliers or employees. They will then sell that data online to other criminals or whoever’s interested, such as your competitors. Very often, companies will not even notice their data was stolen. 

When they do notice, it’s probably because criminals have also encrypted that data with ransomware or because they’ve used the data to perform identity theft, which we’ll cover next. To learn how Ransomware connects with Data Breach, read Ransomware Equals a Data Breach.

Identity Theft

This nefarious crime is the continuation of the cybercrime lifecycle. Just as there are criminals selling data, there are others buying data to exploit it – and Identity Theft is the way to profit from someone’s data. Criminals can utilise your information to open bank accounts, acquire loans, health insurance, transfer parking bills, and much more.

Today, most people would have their complete file online, with detailed information about their lives, families, jobs, and purchase preferences. Read our Complete Guide on Identity Theft to understand how this crime happens and learn how to protect your online identity.

Protecting your Healthcare Practice

You’ve learned a lot today, and now it’s time to begin addressing these cyber risks and vulnerabilities, ensuring your practice is secure, and you can rest free of concerns. Cybercrime against healthcare organisations is a grave matter that can and should be addressed immediately.

We recommend you get started by understanding and listing your valuable assets and risks. With a comprehensive asset register and risk register, you’ll have a good idea of what needs to be protected and what are your priorities when investing in cybersecurity.

The next step is to ensure that your devices and data are secured and adequate to best practices, such as up to date patches and regular reviewing and monitoring. Your network should also be configured adequately, and any security gaps detected must be closed as soon as possible.

It’s also of vital importance to train your staff and users to identify cybercrime and have a security-first approach to prevent social engineering attacks and frauds. User training is critical, and we have many more resources here.

Addressing these vulnerabilities and identifying many others is not an easy task, but it’s essential for your business’ continued success. Hiring a specialist technology partner can help and make this much more manageable. Spector works with established healthcare institutions, including clinics, hospitals and product providers, handling their technical, security and compliance needs. If you are looking for assistance, book a call with one of our experts, and we’ll be happy to talk.

Thanks for reading. To learn more about Cyber Security, read our dedicated blogs and follow us on Social Media by clicking below.

Back to articles list