Health care had more cyberthreats last year than any other critical infrastructure industry, according to the FBI's 2024 Internet Crime Report released April 23. A total of 444 reported incidents impacted health care, consisting of 238 ransomware threats and 206 data breach incidents. Only critical manufacturing had more ransomware incidents, with 258, but it had fewer data breaches, with 71. The report also found that ransomware groups with the most FBI complaints in 2024 included Akira, LockBit and RansomHub.

“It’s not surprising that the report shows health care suffered the highest combined total of ransomware and data theft attacks of any U.S. critical infrastructure sector,” said John Riggi, AHA national advisor for cybersecurity and risk. “Concurrently in 2024, health care made 592 regulatory filings of reported ‘hacks’ of protected health information to the Department of Health and Human Services Office of Civil Rights, impacting a record of 259 million Americans. That massive number is mainly due to the hacking of records for 190 million Americans during the Change Healthcare ransomware attack.  

“As we analyze these incidents, we have noticed consistent patterns over the past three years, with the vast majority of patient records being stolen from third parties — not from hospitals. Also, the majority of ransomware attacks are perpetrated by Russian-speaking ransomware groups that primarily use social engineering, stolen credentials and exploitation of unpatched published vulnerabilities for initial access. However, the sharing of threat intelligence and defensive measures across health care has increased significantly, while prioritizing resiliency through clinical continuity protocols to minimize impact to patient care and safety.” 

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.
