Complex computer and data systems.  Sensitive personal information.  The need to function without interruption or downtime.  Insufficient cyber-defenses.  These are some of the weaknesses that make hospitals a target of choice for hackers and cyber attackers.

In 2019, approximately 32 million people had their sensitive health-related information breached by hackers in over 311 cyber attack incidents against health care providers.  These attacks, even when not directly targeting patient care, have led to increased death rates among heart patients.

Complex Systems and a Large Amount of Data

The complex computer and data systems of hospitals make them an easy target for hackers.   Hospitals have to maintain several systems simultaneously to work properly. This includes medical records of people, internet-connected medical devices, and billing records. After mergers with other organizations, which have been increasing in recent years, the systems get even more complicated and confusing.

Cybersecurity experts believe that the hospitals make an attractive target for cybercriminals because hackers know that the hospitals have a complex network and insufficient cybersecurity tools. Furthermore, hospitals have to be open 24/7 and cannot afford any interruptions, making them a soft target.  Cybercriminals are aware that their ransomware demands won’t go unanswered when it comes to hospitals and public health.

Additionally, hospitals also often have weak cybersecurity and do not receive significant assistance from the government to shore up their cyber defences.

Attractive Information

Hackers also target hospitals because they have sensitive data like patient records, social security, and patient addresses. Hackers know that they can sell such data and earn large amount of money on the dark web.