U.S. hospitals and health systems face growing financial pressure from cyberattacks, credit rating agency Fitch Ratings reported last week.  

“Ransomware pay-outs and efforts to protect or ‘harden’ healthcare systems and cyber defenses are affecting hospital financial flexibility by increasing on-going operating expenses,” the report notes. “Attacks may also hinder revenue generation and the ability to recover costs in a timely manner, particularly if they affect a hospital’s ability to bill patients when financial records are compromised or systems become locked.”

John Riggi, AHA senior advisor for cybersecurity and risk, said, “This report serves as another validation point, which unfortunately has become very evident — cyberattacks, particularly ransomware attacks, targeting hospitals have grown in frequency and severity with wide ranging impact, including disruption of care delivery, potential risk to patient safety and lost revenue due to disruption of services. We have also seen firsthand how COVID-19 translated into a cyber ‘triple threat’ for hospitals. One, an expanded ‘cyberattack surface’ due to the urgent need to rapidly expand network connected devices and increased reliance on internal and remote technologies to care for patients, two, an increase in cyberattacks exploiting the expanded attack surface, and three, reduced revenue and resources available for hospitals to bolster network defenses and counter increased attacks. Regardless of the revenue implications, cybersecurity has become a top priority for hospitals to protect patient data and patient safety.”

For further information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org.

Related News Articles

Headline
The FBI, along with the National Security Agency and other international cybersecurity agencies, this week released a joint agency advisory on cyber operations…
Headline
The FBI's Internet Crime Complaint Center released an alert May 7 warning of cyber actors exploiting vulnerabilities in end-of-life routers. Routers dated 2010…
Headline
The FBI’s Internet Criminal Complaint Center May 15 released an alert warning of a malicious text and voice messaging campaign involving impersonators…
Headline
In his latest AHA Cyber Intel blog, John Riggi, AHA national advisor for cybersecurity and risk, examines the state of cyber and physical threats in 2025 as…
Headline
Health care had more cyberthreats last year than any other critical infrastructure industry, according to the FBI's 2024 Internet Crime Report released April…
Headline
The National Security Agency April 23 released a report on operational technology systems that includes recommendations for security policies and technical…