By Jeff Wardon, Jr., Assistant Editor

Cyber incidents continue to grow across the healthcare industry and so does their intensity. With cybercriminals ramping up their tactics, situations can turn serious quickly. 

Cybercriminals resort to many different methods to extract what they want from their victims, such as ransomware, malware and phishing. All involve critical data being stolen from the victim through deception. Criminals can take it one step further by engaging in double extortion, where the victim is demanded to pay or risk having their data leaked. 

Some even require taking parts of systems offline and diverting patients for care while the organization investigates. UMC Health System recently experienced this scenario with a ransomware attack, according to their press release.

Despite the disruption, all UMC healthcare facilities remain operational. As a precaution, UMC temporarily diverted some emergency and non-emergency ambulance patients to other facilities, though they have now resumed accepting some patients. UMC is also collaborating with third-party experts to restore services. While the investigation continues, some systems were proactively disconnected to contain the incident. 

Related: Defending Healthcare Facilities Against Ransomware Attacks

Ransomware attacks and cyberattacks in the healthcare sector have become numerous, as Healthcare Facilities Today has reported 32 different cyber incidents just in 2024. Additionally, the healthcare and public health sector filed 249 ransomware complaints to the FBI in 2023, according to Econofact. 

The perceived vulnerabilities in healthcare systems are the main draw for cybercriminals, says Eric O’Neill, former counterterrorism and counterintelligence operative for the FBI.  

“Cyber criminals have long known that healthcare has not spent as much money on cybersecurity and cyber protection as other business verticals,” O’Neill says. “Criminals also know that when healthcare is successfully locked with ransomware, there's immense pressure to pay because the victim is so vulnerable.” 

However, since healthcare is part of critical infrastructure, it’s essential to secure the industry across the board with cybersecurity, O’Neill says.  

Moreover, with the deluge of attacks not looking to let up soon, healthcare facilities find themselves seeking out strategies to counter these cyber threats, such as information sharing.  

“I would liken intelligence sharing, or what we do at Health-ISAC, to like a virtual neighborhood watch program,” Errol Weiss, chief security officer at Health-ISAC. “So, if you experience a break in, you're able to share that experience with your peers, your neighbors, and let them understand how the bad guys got in.” 

Weiss adds that this lets other organizations know what the signs were beforehand, and by sharing this information, it also lets them check their own defenses. It enables them to see if they’re vulnerable too and if they can detect then prevent the attack from happening. Information sharing allows other healthcare organizations to shore up their defenses based on timely and actionable intelligence. 

Jeff Wardon, Jr., is the assistant editor for the facilities market.