On World Health Day 2025, we are reminded that health is not only about biology and behavior—it’s about infrastructure, access, and now, cyber security. As this important critical sector grows increasingly digital, it also becomes increasingly vulnerable. Patient lives, sensitive data, and national health services are now at stake every time a malicious actor breaches a system.

Looking at these figures, it’s time we call this what it is: a public health crisis resulting from cyber insecurity.

A Sector Under Siege

The healthcare industry continues to rank among the most attacked sectors globally. The healthcare and medical industry suffers, on average, 2,309 weekly attack attempts per organization thus far in 2025, according to Check Point Research. This is an increase of 39% compared to the same timeframe last year. According to Check Point Research, the APAC region is seeing the highest number of attacks with 3,957 weekly attempts per organization in the healthcare and medical industry in 2025, a 7% increase year on year, though it is the North America healthcare and medical industry who are experiencing a 57% increase in cyber attacks year on year. For North America in 2025, that means 2,110 weekly attack attempts per organization, representing the highest-ever year over year change.

The critical nature of healthcare makes it a ripe target—where every second of downtime or breach can mean a delay in care, or even worse, a loss of life. The FBI, INTERPOL, and other authorities have warned for years that threat actors view hospitals and healthcare providers as prime extortion targets. From the ransomware attack on Newfoundland’s healthcare system to the malware strike that crippled Israel’s Hillel Yaffe Medical Center, the global trend is clear: cyber criminals go where the stakes—and payouts—are highest​.

It is common to see that many healthcare breaches begin with phishing, unpatched systems, or misconfigured networks—not complex zero-day exploits​​. Prevention is entirely possible, but not prioritized.

Broken Hygiene, Broken Systems

Cyber attacks on the healthcare industry can not only cripple medical operations but also put lives at risk. Critical systems like electronic health records, diagnostic tools, and scheduling software may be rendered inaccessible, forcing staff to revert to manual processes. This leads to delayed treatments, rescheduled procedures, and emergency redirections—factors that can directly impact patient outcomes, including increased mortality rates.

Beyond immediate disruptions, these attacks severely compromise patient safety and trust. When medical staff lack access to accurate data, treatment errors become more likely. Simultaneously, patients and the public may lose confidence in the hospital’s ability to provide secure, reliable care, especially if sensitive data is leaked or permanently lost—a growing threat in the era of double extortion tactics.

The ripple effects extend to staff morale, finances, and future preparedness. Employees face immense stress during prolonged crises, while institutions must divert resources from patient care to recovery efforts. Repeated breaches can weaken a hospital’s long-term resilience, marking it as an easy target for future attacks and eroding the foundation of public healthcare systems.

At the root of the crisis is a lack of cyber hygiene. Healthcare organizations often rely on fragmented, outdated infrastructure—a mix of legacy systems and modern tech not designed to work securely together. With most medical devices not built with security in mind, and many not even actively monitored by IT teams, the attack surface is growing faster than it can be protected by traditional means.

​This dynamic compounds in developing countries, where resources are more limited. Reduced budgets mean outdated systems, less staff training, and fewer resources to protect sensitive patient data. As a result, healthcare institutions in low-income regions become prime targets for cybercriminals, threatening both care delivery and public trust, starting again this vicious cycle of attack and lack of defense.

When Devices That Heal Can Harm

A particularly chilling development is the rise in attacks on connected medical devices—pacemakers, insulin pumps, imaging machines, and more. According to the 2023 State of Cybersecurity for Medical Devices and Healthcare Systems Report by Health-ISAC, Finite State, and Securin, over 1,000 vulnerabilities were discovered in medical devices in 2023. However, only 15% of manufacturers had vulnerability disclosure programs in place.

Attackers don’t need to breach a hospital’s network to cause chaos—they can now exploit IoMT (Internet of Medical Things) devices that serve as unguarded entry points. An example of how cyber criminals’ increasing sophistication is how hackers now specifically target medical devices as well, not only networks, servers, personal computers, databases and medical records. A salient example was the 2017 WannaCry ransomware attack which infected 1,200 diagnostic devices, which caused many others to be temporarily taken out of service to prevent the malware from spreading. This actually forced five United Kingdom hospital emergency departments to close and divert patients, according to an investigative report by the UK National Audit Office (NAO). The investigation also found the attack (which was launched against targets around the world) infected at least 81 of the 236 National Health System (NHS) hospitals in England plus 603 primary care and 595 medical practices, which caused more than 19,000 appointments to be canceled.

Ransomware groups have even locked radiology systems and encrypted diagnostic data, delaying life-saving care demonstrating that this is no longer about data, but about direct patient safety.

Prevention is the Best Medicine

Risk and threats are growing for the healthcare industry but so are the solutions. Healthcare providers don’t have to accept such attacks or compromise with cyber criminals.

We suggest 5 vital strategies to improve cyber resilience in the health sector:

  1. Educate Your People: Phishing remains the number one entry point. Train staff continuously, and implement solutions like Check Point Harmony Email & Collaboration, which helped Fast Pace Health win the battle against phishing incidents.
  2. Gain Full Visibility: Unmonitored devices are high-risk devices. Map all assets—including cloud, IoT, and legacy tech—and assign risk scores.
  3. Segment and Isolate Networks: Use Zero Trust segmentation to prevent lateral movement during a breach. Assume compromise—and design defensively.
  4. Adopt Prevention-First Security: Move beyond detection. Employ threat prevention tools powered by AI to block attacks before they execute.
  5. Unify and Consolidate Security: A fragmented approach invites risk. Integrated platforms like Check Point Infinity provide end-to-end protection across users, devices, and data.

You may also like