Skip to main content
Email

The latest news in Healthcare IT – straight to your inbox.

Home
  • Main Menu
  • Subscribe
  • Topics
    • Video
    • Analytics
    • Artificial Intelligence
    • Cloud Computing
    • EHR
    • Government & Policy
    • Interoperability
    • Patient Engagement
    • Population Health
    • Precision Medicine
    • Privacy & Security
    • Telehealth
    • Women In Health IT

Regions

  • ANZ
  • ASIA
  • EMEA
  • Global Edition
By: 

Healthcare workers talking
Get the AI skills you need to maximize your productivity
Introduction to artificial intelligence thumbnail with pastel graphics
Prepare to navigate the rapidly evolving AI landscape
Common AI subsets thumbnail with pastel graphics
Explore how subsets of AI are used in various industries
Bing Chat for trainers thumbnail with pastel graphics
Maximize generative AI’s effectiveness with prompt engineering
Bing Image Creator thumbnail with pastel graphics
Visualize complex concepts for learners with AI-generated images

Additional Resources

5 steps to support successful EHR migration to the cloud
5 steps to support successful EHR migration to the cloud
5 steps to successful EHR migration to the cloud
5 steps to successful EHR migration to the cloud
Data governance: The modern portfolio for compliance
Data governance: The modern portfolio for compliance
senior using laptop
Situational Response Management, Communications, and Virtual Patient Outreach
Doctors looking at a brain scan
Digitize Clinical Workflows to Create an Integrated Care Platform

Sponsored

Global Edition
Privacy & Security

As cyberattacks on healthcare companies rise, threat intelligence can raise the barrier for entry

Healthcare organizations need a strong cyber threat intelligence program to understand risk and harden their security posture.
By: 
July 26, 2023
09:21 AM

Photo: sturti/Getty Images

By Jason Harrison

The healthcare industry has a serious cybersecurity problem. Weekly cyberattacks on US healthcare entities have risen 86% since 2021, according to Insider Intelligence.1 Organizations are now suffering an average of 1,410 attacks each week, and the story is much the same globally.

Healthcare’s current vulnerability to cyberattacks is partially because it hasn’t had the same historical pressure to invest heavily in cybersecurity compared to other sectors. Instead, the majority of its resources were rightly focused on improving patient care and saving lives. Now, however, the situation has changed.

The COVID-19 pandemic propelled a massive surge in telehealth adoption and, despite the loosening of social distancing restrictions, this trend has persisted into 2023. The American Journal of Managed Care reports that national telehealth utilization increased 7.3% month-over-month in January of this year.2 Healthcare organizations have also increasingly partnered with third-party technology vendors to modernize their operations and reach more patients. And while technology can provide several advantages for healthcare entities, it also comes with serious risks if not properly secured.

As healthcare entities incorporate more digital solutions into their daily practice, they also broaden their attack surface. Cybercriminals are constantly scanning environments to find vulnerabilities that allow them to infiltrate a network. Healthcare entities represent an attractive target due to the amount of sensitive patient data they store.

Healthcare organizations need the latest threat intelligence to understand what their risks are and what steps they need to take to harden their security posture. Read on to learn how.

What is threat intelligence and why does it matter?

Cyber threat intelligence (CTI) encompasses the data and analysis that gives security teams a comprehensive view of their threat landscape. This data can come from any number of sources, including open-source threat intelligence, threat intelligence feeds, and even in-house analysis. The better this data is aggregated and made useful, the better the threat intel. With a view of all their data, organizations can use CTI to make more informed decisions about how to prepare for, detect, and respond to cyberattacks.

At Microsoft, we collect 65 trillion security signals daily from across the global threat landscape to discover new and emerging threats. Additionally, we deploy a team of 8,000+ security researchers, analysts, and threat hunters who analyze this information to uncover timely and hyper-relevant insights for our healthcare customers.

After all, while it’s useful to know about individual threat actors or attack vectors, it is even more impactful to examine the commonalities across these disparate pieces of data. For example, a recent Microsoft report examined high-profile ransomware attacks against critical infrastructure, healthcare and IT service providers to uncover a new ransomware model: ransomware as a service (RaaS).

Essentially, RaaS capitalizes on the industrialization of the cybercrime economy by allowing a single ransomware group to develop the ransomware payload. These crime syndicates provide services for payment and extortion via data leakage to other cybercriminals, who are then responsible for launching the ransomware attacks in exchange for a cut of the profits.

Examining the broader ransomware economy in this way allows security teams to better understand what steps they need to take to protect their own operations. In the case of RaaS, we found that attackers were most often capitalizing on organizations’ poor cyber hygiene, including infrequent patching and failure to implement multifactor authentication. Security teams can use this knowledge to take steps to strengthen their identity controls and implement better cyber hygiene practices to counter the threat.

How to start your threat intelligence journey

While implementing a robust CTI program can feel overwhelming at times, it is a critical part of creating a safe and secure experience for healthcare entities and patients alike. Following are three tips to get you started on your threat intelligence journey:

  • Understand your landscape: There’s an old adage in security: “You can’t protect what you don’t know.” This is especially true in healthcare. Many healthcare organizations partner with third-party vendors and suppliers for medical devices, patient record-keeping software, outsourced patient services and more. This interdependence on outside technology partners and the business supply chain, combined with overall IT sprawl and the expansion of smart medical devices, has created an extensive attack surface for defenders to monitor and protect. CTI can help provide the visibility for healthcare entities to better defend themselves.
  • Capitalize on automation: Automation enables security teams to incorporate CTI into their existing security strategies. Most security products protect against a certain threat or secure a specific target. However, cyberattacks are often multi-threaded and can often go undetected until there is a serious breach. By utilizing automation in concert with CTI, companies can find the weaknesses in their defense and uncover their most likely attack vectors. This enables them to discover and respond to threats proactively and rapidly while adapting to new and emerging CTI.
  • Spread the wealth: At its core, cybersecurity is a team sport. Communicating openly and honestly about the latest attack vectors and threat groups benefits us all because it leaves threat actors with fewer places to hide. If we want to harden our collective security posture, healthcare entities and leading security vendors will need to work alongside other sectors to share their threat intel knowledge and implement cybersecurity best practices.

As healthcare entities move to harden their defenses and raise the barrier for entry against future cyberattacks, CTI can be leveraged in concert with existing security solutions. This helps to ensure that organizations are knowledgeable about current threats and equipped with the necessary strategies to defend against them.

References

  1. Phillips, L. January 27, 2023. Healthcare cybersecurity in 2023: Hive’s shutdown is good news but cyberattacks are only getting worse. Insider Intelligence. https://www.insiderintelligence.com/content/healthcare-cybersecurity-2023-hive-s-shutdown-good-news-cyberattacks-only-getting-worse.
  2. Gelburd, R. April 4, 2023. Contributor: Telehealth utilization grew 7% nationally in January 2023. American Journal of Managed Care.https://www.ajmc.com/view/contributor-telehealth-utilization-grew-7-nationally-in-january-2023. 
Topics: 
Artificial Intelligence, Cloud Computing, Privacy & Security

More regional news

Patient does a virtual care consult

Castlight Health intros virtual urgent care for members

By
Mike Miliard
April 18, 2025
HIMSSCast logo

HIMSSCast: Should every healthcare organization have an AI strategy?

By
Mike Miliard
April 18, 2025
Nurse checks tablet to communicate on shift

Zoom launches agentic AI-powered mobile comms for frontline staff

By
Andrea Fox
April 18, 2025
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Nurse checks tablet to communicate on shift
Zoom launches agentic AI-powered mobile comms for frontline staff

Most Read

How UCHealth is reducing fall injuries with AI-enhanced risk modeling
2025: AI enhances personalized care; caregiver experience in the spotlight
Frontera launches with $32M in seed funding
Korea University Medical Center pursues brain, heart AI development and more briefs
Roundup: AI and cloud tackle cyber risk and improve workflows
HIMSSCast: Fundamentals of data governance - lessons from UNC Health, part 1

Research

White Papers

More Whitepapers

Telehealth
Create secure, connected omnichannel communications
Telehealth
Let us guide you to HIPAA compliance
Cloud Computing
How a cloud communications platform puts connection at the center of care

Webinars

More Webinars

Analytics
Standby Eligibility and Claims Solutions: Diversify Your Risk & Ensure Business Continuity
Interoperability
Nursing Leadership, Operational Innovation, and Emerging Technologies with AONL
Artificial Intelligence
Loving the AI Revolution: How Automation is Humanizing Healthcare and Improving Provider Well-Being

Video

Ilir Kullolli, Stanford Medicine Children's Health_Las Vegas skyline Photo by halbergman/E+/Getty Images
HIMSS-ACCE working together to advance digital health
Vik Bajaj, Foresite Labs_Medical research Photo by Edward Jenner/pexels.com
Healthcare research is being affected by federal budget cuts
Priyanka Jain, Evvy_Hand holding sample vial Photo courtesy of Evvy
How one women's health startup tests fertility outcomes
Keisuke Nakagawa, UC San Diego Health_Las Vegas skyline Photo by halbergman/E+/Getty Images
Can technology help bring the human touch back to medicine?

More Stories

Lee Kim, HIMSS_Las Vegas skyline Photo by halbergman/E+/Getty Images
Past year's data breaches often stemmed from remediable cybersecurity gaps
Cathy Menkiena, Health Catalyst_Las Vegas skyline Photo by halbergman/E+/Getty Images
Innovative – and useful – tech is key to empowering care teams
Sameer Sethi of Hackensack Meridian Health on AI
Hackensack Meridian Chief AI Officer on the intersection of business and technology
Doctor checking and tracking information on a computer
HHS updates regulatory guides for the safe use of EHRs
Sameer Sethi, Hackensack Meridian Health_Computer neural network concept Photo by dan/Moment/Getty Images
Chief AI Officer on becoming one and working with the C-suite
Businessperson signing piece of paper
White House releases guidance on federal AI use and procurement
Dr. Ateev Mehrotra of Brown University School of Public Health on telehealth policy
Brown University policy expert talks about the future of telehealth flexibilities
Micky Tripathi, former HHS acting chief AI officer
Former National Coordinator headed to Mayo Clinic, reports say
Home

More News

  • MobiHealthNews
  • Healthcare Finance News
  • Healthcare Payers News

Newsletter Signup

HIMSS25 European Health Conference & Exhibition
HIMSS25 European Health Conference & Exhibition
Get ready for knowledge-sharing, all the latest innovations, and in-depth demos with Europe's most influential healthcare community.
10 - 12 June, 2025 | Paris
Learn More
AI in Healthcare Forum
AI in Healthcare Forum
The HIMSS AI in Healthcare Forum cuts through the hype to showcase real-world examples illustrating the transformative potential, and realistic challenges of AI application across the care continuum.
10 - 11 July 2025 | New York
Learn More

Footer Menu

  • About
  • Advertise
  • Reprints
  • Contact
  • Privacy Policy

© 2025 Healthcare IT News is a publication of HIMSS Media

X

Topics

  • Video
  • Analytics
  • Artificial Intelligence
  • Cloud Computing
  • EHR
  • Government & Policy
  • Interoperability
  • Patient Engagement
  • Population Health
  • Precision Medicine
  • Privacy & Security
  • Telehealth
  • Women In Health IT

Career

  • Events
  • Jobs
  • Research Papers
  • Webinars

More

  • About
  • Advertise
  • Contact
  • Special Projects
  • Video

Regions

  • ANZ
  • ASIA
  • EMEA
  • Global Edition

The Daily Brief Newsletter

Get daily news updates from Healthcare IT News.

Search form

Top Stories

Nurse checks tablet to communicate on shift
Zoom launches agentic AI-powered mobile comms for frontline staff
HIMSSCast logo
HIMSSCast: Should every healthcare organization have an AI strategy?
Vik Bajaj, Foresite Labs_Medical research Photo by Edward Jenner/pexels.com
Healthcare research is being affected by federal budget cuts