« Information Technology
  

Report: Healthcare Ransomware Attacks Up 21 Percent in 2024

Guarding against phishing – a common method used to deploy ransomware – is crucial.

By Jeff Wardon, Jr., Assistant Editor


Cyberattacks of all types pose serious risks to healthcare facility operations. They also don’t seem to be letting up anytime soon, making it even more critical for facility managers to understand and stay abreast of the latest trends. 

The NCC Group released a report highlighting how the healthcare sector has become an increasingly attractive target for organized hacking groups and nation-state actors. Some of the key findings include:  

  • 550 attacks against healthcare sector targets were recorded in NCC Group’s ransomware database, up 21 percent from 454 attacks in 2023, and up 216 percent from 174 attacks in 2022. 
  • The healthcare sector consistently ranks in the top five most targeted sectors across 2022, 2023 and 2024. 
  • RansomHub and LockBit 3.0 were responsible for the greatest share of healthcare attacks in 2024. 
  • Only 40 percent of healthcare organizations currently provide cyber awareness training for non-IT staff. 

Phishing remains a top entry point. Across health organizations, most security breaches come from phishing, negligence or unauthorized data access, according to a NIH study. Phishing emails often serve as an initial point of access for hackers to deploy their malware such as ransomware. 

Managers must remember that with phishing attacks, clicking on suspicious links or files can open the door for cybercriminals to gain access to a network. Once they have a foothold in the network, cybercriminals will begin their attack.  

Healthcare staff should be trained to recognize and respond appropriately to phishing attempts. Key tips include: 

  • Don’t click on suspicious links or download files from unknown or unexpected sources. 
  • Verify unusual emails from colleagues by directly reaching out to them using a known method (e.g., a phone call, team messaging app or a separate email chain). If the wording seems off or the request is unexpected, treat it as a phishing attempt. 
  • Watch for poor grammar and spelling errors. 
  • Check the sender’s email address carefully, as phishers commonly use lookalike domains (e.g., @healthecare.com instead of @healthcare.com) to trick their targets. 
  • Be wary of urgent requests. Phishing emails typically create a false sense of urgency to encourage hasty decision making. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



May 1, 2025


Topic Area: Information Technology , Security

Recent Posts

Wayfinding Challenges: How Designers Can Fix Them in Senior Care Facilities

When everything looks the same, it’s hard to know where you are. Wayfinding can help aid in this challenge.

Neenan Archistruction and Ampla Health Celebrate Opening of New Flagship Facility

At 56,498 square feet, the newly completed facility brings together advanced design, comprehensive care services and community-centered functionality.

Advanced Building Envelopes to Innovate Healthcare Environments

By integrating cutting-edge air systems and intelligent building management, facility envelopes can exceed rigorous demands of modern medical care.

Ground Broken on Mercy Hospital Wentzville in Missouri

Construction of the 400,000-square-foot hospital is expected to be completed in four years.

Designing for Flexibility: How Healthcare Furniture Is Evolving with the Times

Manufacturers share how modular, mobile solutions are helping healthcare facilities meet the growing demand for adaptable, patient-centered spaces.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.