Hospital cyberattacks are no longer just IT threats—they're putting lives at risk. A new report reveals that disruptions from ransomware and other attacks are directly tied to delays in care, complications, and increased patient deaths.
What the report reveals
A report from the Ponemon Institute and Proofpoint reveals a direct connection between hospital cyberattacks and patient mortality rates. According to the study, more than 20% of healthcare organizations that experienced a ransomware attack or other IT compromise reported an increase in patient deaths following the incident.
The study surveyed over 640 IT and security leaders and found that hospitals and health systems are facing an alarming frequency of cyberattacks—averaging nearly one attack per week.
These attacks are more than just a financial burden; they are delaying procedures, increasing complications, and in some cases, contributing to patient fatalities.
A closer look at the impact on patient care
The report, titled "Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care," outlines the severity of cyber-incursions on hospitals' ability to deliver timely and effective care.
Notable findings from the report:
- 57% of respondents said cyberattacks delayed procedures and tests, resulting in poor patient outcomes.
- 50% reported that attacks led to increased complications from medical procedures.
- 20% of health systems experiencing common cyberattacks reported increased mortality rates.
Ransomware was identified as the most dangerous attack type, with 64% of respondents saying it delayed procedures and 59% noting it caused longer patient stays.
The report also indicated other vulnerabilities:
- 54% of healthcare organizations experienced a cloud compromise in the past two years.
- 71% of participants said they felt vulnerable to supply chain attacks, but only 44% had a response plan in place.
- Hospitals deploy an average of 26,000 network-connected devices, yet just 51% include these devices in their cybersecurity strategy.
The human cost of cybersecurity failures
The most concerning takeaway from the report is the direct link between cyberattacks and patient deaths. This connection reshapes the conversation around healthcare cybersecurity. It’s no longer just about protecting sensitive data—it’s about protecting lives.
When cyberattacks delay critical procedures, hospitals face operational disruptions and risk the health and safety of their patients. A ransomware attack that locks down systems could mean the difference between life and death.
Lessons from the report
Cybersecurity is patient safety, not just IT security
The days of viewing cybersecurity as a back-office concern are over. Cybersecurity must be integrated into patient safety protocols, just like infection control or medication safety measures. When systems go down due to a cyberattack, patient care halts. Leaders must treat cybersecurity threats as clinical risks with life-or-death implications.
Reactive security is no longer enough
Many healthcare organizations are still operating with a reactive approach to cybersecurity, responding to incidents after they occur. The report shows that proactive defense measures are fundamental to preventing attacks from ever reaching critical systems. Investments in prevention, detection, and response must be prioritized to reduce downtime and safeguard patient care.
Connected devices are a growing blind spot
The Internet of Things (IoT) has improved healthcare with devices that monitor patients, automate tasks, and offer advanced diagnostics. However, these devices are also high-risk entry points for cyberattacks. Hospitals must ensure that network-connected devices are included in their cybersecurity strategies. Unsecured devices are a ticking time bomb that attackers can exploit to disrupt care.
Supply chain attacks are a hidden risk
While many organizations focus on direct attacks, supply chain compromises can be just as damaging. If a third-party vendor’s systems are compromised, it can have cascading effects on hospital operations. Vendor risk management should be a core component of any healthcare organization’s cybersecurity plan.
Ransomware attacks will only grow more sophisticated
Ransomware continues to be the most damaging type of attack on hospitals. Attackers target healthcare organizations because they know the stakes are high, and organizations may feel pressured to pay to resume operations. Hospitals must harden their defenses against ransomware, including backups, endpoint security, and incident response plans.
Cybersecurity staffing needs an overhaul
The report identified insufficient staffing and a lack of in-house expertise as major barriers to improving cybersecurity. Healthcare organizations need to prioritize cybersecurity staffing and training, just as they would any other clinical role.
FAQs
How do cyberattacks cause delays in hospital care?
Cyberattacks like ransomware can shut down key systems, including patient records, scheduling tools, and medical devices. When hospitals can’t access these systems, it leads to delays in procedures, tests, and treatments, which can negatively impact patient outcomes.
Why are hospitals such frequent targets for cyberattacks?
Hospitals hold valuable patient data and rely heavily on digital systems for care. Hackers know that hospitals may pay ransoms quickly to restore operations, making them attractive targets.
What can hospitals do to prevent cyberattacks?
Hospitals need to move from reacting to attacks to preventing them. This includes securing connected devices, training staff, developing response plans, and investing in stronger cybersecurity tools to protect patient care.