Exploits On Healthcare Facilities Surged 60% Since 2022

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

According to a joint report published by Health-ISAC, Finite State, and Securin, healthcare facilities faced a nearly 60% increase in cyber attacks over the last year.

Their research found over 1,000 vulnerabilities, with 993 of them in various medical products and devices since 2022. And, 160 of these vulnerabilities are currently being weaponized, while 101 are undetected in the wild.

The vulnerabilities range in severity, however, the worst of them would allow hackers access to the network of various medical facilities and inflict further malware, steal data, or even encrypt their data and extort them.

“Our research unveils a disturbing year-over-year increase in firmware vulnerabilities within connected medical products and devices, underscoring an urgent need for robust software supply chain security,” states the Director of Product Security Research and Analysis at Finite State.

Unfortunately, healthcare continues to be a prime target for hackers, with various means of inflicting devastating results on facilities. This puts residents who may be on life support or need access to the hospital’s facilities at risk of having their products remotely hacked. Last year alone, there was a 437% year-over-year increase in RCE/PE exploits

This year we’ve seen multiple large-scale data breaches affect millions of patients across the world, including the global MOVEit file transfer software hack, and the hack on Regal medical group, which put the information of over 3 million patients at risk.

“Healthcare organizations must prioritize cybersecurity measures, employ robust cybersecurity practices, conduct regular risk assessments, and stay updated on the latest security threats and technologies to proactively protect against cyber threats,” explains Phil Englert, Health-ISAC’s VP of Medical Device Security.

“Health-ISAC focuses on enhancing cyber resilience within the global healthcare sector by facilitating collaboration, sharing threat intelligence, developing and sharing best practices and providing resources and support to its members to build resilience within member organizations and the healthcare community as a whole.”

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."