

  • Chris Bratton - Tech Journalist

Healthcare is the Most Targeted Industry by Ransomware: Here is Why and What Can be Done About It

Ransomware attacks on the healthcare sector are still a major problem in 2022, with ransomware attacks happening every 11 seconds. That is almost four times faster than in 2016, when attacks were happening every 40 seconds.

If this turns out true, there will have been approximately 45 attacks by the time you are finished reading this post.

However, what’s even more worrying is the increasing number of ransomware attack cases in the healthcare industry.

In September last month, we witnessed one of the biggest ransomware attacks on a health institution when Universal Health Services (UHS), which has more than 400 facilities in the US and the UK, was hit. No patient or employee data was stolen, but the company had to take down its network momentarily and re-route some of its patients to different facilities.

So, why healthcare?

Reasons healthcare is a prime target for ransomware attacks

  1. There are lives at risk. Every minute that a healthcare system is down is another minute in which a life could be lost. This means that those in the industry are more motivated to pay the ransom and resume normal service provision. Not long after the UHS attack, a German hospital was attacked and a woman who needed immediate medical care died as she was being rerouted to another hospital.

  2. The healthcare industry has more entry points for hackers. The various devices being used in the medical field such as dialysis machines, X-ray machines, heart monitors, pacemakers, and their accompanying apps can all be used by cybercriminals to gain access to the healthcare systems.

  3. Medical staff have limited knowledge of internet security. There is a lack of deliberate effort from healthcare leaders to educate doctors and other workers in the industry on cybersecurity best practices. This makes them vulnerable to tricks such as email phishing, which is one of the most common methods used by hackers to infect computers with malware.

  4. Hospitals use old technology and systems. It would not be surprising to find health institutions that are still using Windows 7 even after Microsoft stopped supporting the OS in January 2020. This is because the institutions are afraid of the service disruption that would result from executing upgrades. Unfortunately, this puts them at risk: the OS no longer receives security updates, which leaves it vulnerable to attacks.

Recommendations: How to stop ransomware attacks in healthcare

The truth is we cannot completely stop cyberattacks. The cybersecurity scene is always evolving, with attackers coming up with new attack methods every day. However, some steps can be taken to mitigate the risks arising from ransomware in the health sector.

You just have to look at the reasons the sector is a high target and then work on changing that. For instance, if all the hospitals were to upgrade to the newest version of the operating system they use, then that would mean one less avenue for cyberattackers to exploit.

It’s also critical that health institutions always apply updates rolled out by software vendors as soon as they are available. The updates sometimes come with patches for security vulnerabilities that could be used to launch malware.

Another great way to make ransomware attacks less costly is to have up-to-date data backups that can be used if the current database is locked by ransomware.

Moreover, educating workers in the healthcare industry about cybersecurity best practices will also go a long way to counter attacks, especially when it is coupled with the use of the right security software.

A dedicated anti-malware tool can help identify and stop ransomware that may have gotten past workers. An access management solution can ensure that only people with privileged access can view and modify sensitive data. Threat analysis software can detect and flag suspicious activity on files and folders.

To wrap it up, if all the institutions in the healthcare industry implemented the steps above, then we would have made one giant leap towards liberating healthcare from not just ransomware, but other forms of cyberattacks.

