The healthcare industry experienced more cyberthreats in 2024 than any other critical infrastructure sector, the FBI reported.
Healthcare and public health had 238 ransomware incidents and 206 data breaches last year, according to the April report. Only critical manufacturing had more ransomware attacks, with 258.
“It’s not surprising that the report shows healthcare suffered the highest combined total of ransomware and data theft attacks of any U.S. critical infrastructure sector,” said John Riggi, American Hospital Association national advisor for cybersecurity and risk, in a May 12 news release.
“As we analyze these incidents, we have noticed consistent patterns over the past three years, with the vast majority of patient records being stolen from third parties — not from hospitals. Also, the majority of ransomware attacks are perpetrated by Russian-speaking ransomware groups that primarily use social engineering, stolen credentials and exploitation of unpatched published vulnerabilities for initial access.”
He noted that healthcare has strengthened its cybersecurity infrastructure through the sharing of threat intelligence and defense strategies.
