Welcome to HIMSS

This site uses technologies such as cookies to provide a better user experience by personalising content and ads, analysing web traffic and trends, and improving site operations. We may share information about your use of the site with third parties in accordance with our Privacy Policy. By continuing to use this site you agree that we can save cookies on your device, unless you have disabled them. You can change your cookie settings at any time by visiting our Cookie Policy, but parts of our site may not function correctly without them.

Skip to main content
Email

The latest news in Healthcare IT – straight to your inbox.

Home
  • Main Menu
  • Subscribe
  • Topics
    • Video
    • Analytics
    • Artificial Intelligence
    • Cloud Computing
    • EHR
    • Government & Policy
    • Interoperability
    • Patient Engagement
    • Population Health
    • Precision Medicine
    • Privacy & Security
    • Telehealth
    • Women In Health IT

Regions

  • ANZ
  • ASIA
  • EMEA
  • Global Edition
Global Edition
Privacy & Security

Warning: Cybercriminals have more weapons with AI

Artificial intelligence has changed the threat landscape, enabling new cybersecurity risks for health systems: more sophisticated social engineering, automated vulnerability intelligence gathering, endpoint detection evasion and more.
By Andrea Fox
July 18, 2023
10:38 AM

Photo: Artem Podrez/Pexels

New research monitoring the progress and implementation of large language models and generative artificial intelligence offers a warning for healthcare IT security teams to adjust their detection and response priorities.

WHY IT MATTERS

With innovation, sensitive data being shared with artificial intelligence requires organizations to jump on the new cybersecurity challenges, according to researchers at Trustwave SpiderLabs.

While many are making use of the huge benefits posed by AI and machine learning models for an array of clinical and operational use cases, healthcare organizations also need to be educated about – and vigilant against – the cybersecurity threats AI can pose.

To increase the speed of incident response and enable more efficient threat detection, Trustwave recommends hospitals and health systems transform security operation centers so they are not outgunned by cyber-gangs near and far.

"Failing to do so is like bringing a knife to a gunfight," said a representative from Avertium, a Phoenix-based cybersecurity vendor, in an email to Healthcare IT News.

In Trustwave's recent report, the firm provides an analysis of attack flows specific to the healthcare sector.

With more than 28.5 million healthcare records breached in 2022 – a significant increase from 21.1 million in 2019, according to the U.S. Department of Health and Human Services – it behooves cybersecurity teams to stay in the know on AI developments within a healthcare organization.

The Cybersecurity in the Healthcare Industry report offers information about their health-sector research, attack-vector flow diagrams and mitigation measures.

Phishing, which is still the most commonly exploited method for gaining an initial foothold in an organization, according to the report, has had a significant assist from the expanded use of LLM technologies, such as GPT-4, that make it easier for bad actors to create highly personalized and targeted messages that are more compelling and harder to detect.

"Over the last year our team flagged both Emotet and Qakbot as the most common trend amongst phishing attacks targeting healthcare organizations," the Trustwave researchers said.

"Based on observations to date, Trustwave sees the primary areas of concern are the increased speed and quality that phishing emails can be drafted and exploit code can be enhanced."

Generative AI can eliminate the grammatical and spelling errors that can help make phishing scams and malicious emails tougher for employees to recognize attempts, and could result in a higher likelihood that a bad actor can breach a health system's network infrastructure.

Trustwave said that a common lure in phishing emails is impersonating a medical device and medical equipment quote and payment processing communication. 

Coupled with lots of endpoints – there's more third-party vendors and Internet of Things devices in healthcare than ever – the vulnerability of the industry's infrastructure is generally much higher.

The report also addresses other common threat tactics, exploitations of vulnerabilities and existing tools, stolen web shells, malware and more. 

THE LARGER TREND

Organizations need to balance AI and automation innovations with improved cyber readiness.

Recently, 11 million HCA healthcare patients in the United States had their data exposed in a breach of the provider's network infrastructure. 

"This appears to be a theft from an external storage location exclusively used to automate the formatting of email messages," HCA officials said in a recent announcement about the apparent data theft. 

The health system, like so many others, is prioritizing its digital transformation efforts in ways that make it a shinier target for those that see the opportunities AI provides to attack critical infrastructure like healthcare.

AI can help healthcare move faster in its transformation, according to Tom Lawry, author and managing director of Second Century Technology, who hosted a panel on driving healthcare AI at scale at HIMSS23.

Albert Marinez, chief analytics officer at Intermountain Healthcare, said that health system is using AI to better understand patient flows and discharge barriers, because it is an opportunity.

Save the organization $15-$20 million.

ON THE RECORD

"Consider instituting an internal AI Infosec working group across relevant teams – like legal, privacy, IT, etc. – to deal with governance and data sharing guidelines," said Trustwave researchers in their report.

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org

Healthcare IT News is a HIMSS Media publication.

Topics: 
Analytics, Artificial Intelligence, Network Infrastructure, Privacy & Security

More regional news

Patient does a virtual care consult

Castlight Health intros virtual urgent care for members

By
Mike Miliard
April 18, 2025
HIMSSCast logo

HIMSSCast: Should every healthcare organization have an AI strategy?

By
Mike Miliard
April 18, 2025
Nurse checks tablet to communicate on shift

Zoom launches agentic AI-powered mobile comms for frontline staff

By
Andrea Fox
April 18, 2025
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Nurse checks tablet to communicate on shift
Zoom launches agentic AI-powered mobile comms for frontline staff

Most Read

How UCHealth is reducing fall injuries with AI-enhanced risk modeling
2025: AI enhances personalized care; caregiver experience in the spotlight
Frontera launches with $32M in seed funding
Australia infuses $85M in digital mental health and more briefs
Korea University Medical Center pursues brain, heart AI development and more briefs
Roundup: AI and cloud tackle cyber risk and improve workflows

Research

White Papers

More Whitepapers

Telehealth
Create secure, connected omnichannel communications
Telehealth
Let us guide you to HIPAA compliance
Cloud Computing
How a cloud communications platform puts connection at the center of care

Webinars

More Webinars

Analytics
Standby Eligibility and Claims Solutions: Diversify Your Risk & Ensure Business Continuity
Interoperability
Nursing Leadership, Operational Innovation, and Emerging Technologies with AONL
Artificial Intelligence
Loving the AI Revolution: How Automation is Humanizing Healthcare and Improving Provider Well-Being

Video

Ilir Kullolli, Stanford Medicine Children's Health_Las Vegas skyline Photo by halbergman/E+/Getty Images
HIMSS-ACCE working together to advance digital health
Vik Bajaj, Foresite Labs_Medical research Photo by Edward Jenner/pexels.com
Healthcare research is being affected by federal budget cuts
Priyanka Jain, Evvy_Hand holding sample vial Photo courtesy of Evvy
How one women's health startup tests fertility outcomes
Keisuke Nakagawa, UC San Diego Health_Las Vegas skyline Photo by halbergman/E+/Getty Images
Can technology help bring the human touch back to medicine?

More Stories

Lee Kim, HIMSS_Las Vegas skyline Photo by halbergman/E+/Getty Images
Past year's data breaches often stemmed from remediable cybersecurity gaps
Cathy Menkiena, Health Catalyst_Las Vegas skyline Photo by halbergman/E+/Getty Images
Innovative – and useful – tech is key to empowering care teams
Sameer Sethi of Hackensack Meridian Health on AI
Hackensack Meridian Chief AI Officer on the intersection of business and technology
Doctor checking and tracking information on a computer
HHS updates regulatory guides for the safe use of EHRs
Sameer Sethi, Hackensack Meridian Health_Computer neural network concept Photo by dan/Moment/Getty Images
Chief AI Officer on becoming one and working with the C-suite
Businessperson signing piece of paper
White House releases guidance on federal AI use and procurement
Dr. Ateev Mehrotra of Brown University School of Public Health on telehealth policy
Brown University policy expert talks about the future of telehealth flexibilities
Micky Tripathi, former HHS acting chief AI officer
Former National Coordinator headed to Mayo Clinic, reports say
Home

More News

  • MobiHealthNews
  • Healthcare Finance News
  • Healthcare Payers News

Newsletter Signup

HIMSS25 European Health Conference & Exhibition
HIMSS25 European Health Conference & Exhibition
Get ready for knowledge-sharing, all the latest innovations, and in-depth demos with Europe's most influential healthcare community.
10 - 12 June, 2025 | Paris
Learn More
AI in Healthcare Forum
AI in Healthcare Forum
The HIMSS AI in Healthcare Forum cuts through the hype to showcase real-world examples illustrating the transformative potential, and realistic challenges of AI application across the care continuum.
10 - 11 July 2025 | New York
Learn More

Footer Menu

  • About
  • Advertise
  • Reprints
  • Contact
  • Privacy Policy

© 2025 Healthcare IT News is a publication of HIMSS Media

X

Topics

  • Video
  • Analytics
  • Artificial Intelligence
  • Cloud Computing
  • EHR
  • Government & Policy
  • Interoperability
  • Patient Engagement
  • Population Health
  • Precision Medicine
  • Privacy & Security
  • Telehealth
  • Women In Health IT

Career

  • Events
  • Jobs
  • Research Papers
  • Webinars

More

  • About
  • Advertise
  • Contact
  • Special Projects
  • Video

Regions

  • ANZ
  • ASIA
  • EMEA
  • Global Edition

The Daily Brief Newsletter

Get daily news updates from Healthcare IT News.

Search form

Top Stories

Nurse checks tablet to communicate on shift
Zoom launches agentic AI-powered mobile comms for frontline staff
HIMSSCast logo
HIMSSCast: Should every healthcare organization have an AI strategy?
Vik Bajaj, Foresite Labs_Medical research Photo by Edward Jenner/pexels.com
Healthcare research is being affected by federal budget cuts