Cyber Attacks: In the Healthcare Sector


As the healthcare sector continues to offer life-critical services while working to improve treatment and patient care with new technologies, criminals and cyber threat actors look to exploit the vulnerabilities that are coupled with these changes. The following blog series will explore one MS-ISAC analyst’s thoughts on today’s sources of frustration for healthcare IT and cybersecurity specialists.

The healthcare industry is plagued by a myriad of cybersecurity-related issues. These issues range from malware that compromises the integrity of systems and privacy of patients, to distributed denial of service (DDoS) attacks that disrupt facilities’ ability to provide patient care.

While other critical infrastructure sectors experience these types of attacks, the nature of the healthcare industry’s mission poses unique challenges. For healthcare, cyber-attacks can have ramifications beyond financial loss and breach of privacy. Ransomware, for example, is a particularly egregious form of malware for hospitals, as the loss of patient data can put lives at risk.

Each link below leads to a discussion of that unique type of attack in the healthcare sector. These articles include real-life examples of how the attack manifested, the damage and disruption it caused or could have caused if not handled properly, and suggestions on how to defend against or mitigate each type.


Arrow Ransomware

Arrow Data Breaches

Arrow DDoS Attacks

Arrow Insider Threats

Arrow Business Email Compromise and Fraud Scams


This is by no means an exhaustive list of the types of attacks hospitals face but, rather, a summary of some of the major and most costly incidents affecting hospitals.

To defend against ransomware, U.S. hospitals can use cost-effective CIS resources such as the CIS Hardened Images, virtual machine images which are pre-hardened to the security recommendations of the CIS Benchmarks. Our webinar below walks you through the process.



Additionally, U.S. hospitals can get access to Malicious Domain Blocking and Reporting (MDBR) to help defend against ransomware at no cost. *

*While MDBR was offered at no-cost to U.S. private hospitals for a limited time, that offering has been discontinued in favor of MDBR+, a low cost, cloud-based secure DNS service that provides real-time reporting, custom configurations, and off-network device protection. Learn more about MDBR+ here.