Hospital cyberattacks are no longer just IT threats—they're putting lives at risk. A new report reveals that disruptions from ransomware and other attacks are directly tied to delays in care, complications, and increased patient deaths.
A report from the Ponemon Institute and Proofpoint reveals a direct connection between hospital cyberattacks and patient mortality rates. According to the study, more than 20% of healthcare organizations that experienced a ransomware attack or other IT compromise reported an increase in patient deaths following the incident.
The study surveyed over 640 IT and security leaders and found that hospitals and health systems are facing an alarming frequency of cyberattacks—averaging nearly one attack per week.
These attacks are more than just a financial burden; they are delaying procedures, increasing complications, and in some cases, contributing to patient fatalities.
The report, titled "Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care," outlines the severity of cyber-incursions on hospitals' ability to deliver timely and effective care.
Notable findings from the report:
Ransomware was identified as the most dangerous attack type, with 64% of respondents saying it delayed procedures and 59% noting it caused longer patient stays.
The report also indicated other vulnerabilities:
The most concerning takeaway from the report is the direct link between cyberattacks and patient deaths. This connection reshapes the conversation around healthcare cybersecurity. It’s no longer just about protecting sensitive data—it’s about protecting lives.
When cyberattacks delay critical procedures, hospitals face operational disruptions and risk the health and safety of their patients. A ransomware attack that locks down systems could mean the difference between life and death.
The days of viewing cybersecurity as a back-office concern are over. Cybersecurity must be integrated into patient safety protocols, just like infection control or medication safety measures. When systems go down due to a cyberattack, patient care halts. Leaders must treat cybersecurity threats as clinical risks with life-or-death implications.
Many healthcare organizations are still operating with a reactive approach to cybersecurity, responding to incidents after they occur. The report shows that proactive defense measures are fundamental to preventing attacks from ever reaching critical systems. Investments in prevention, detection, and response must be prioritized to reduce downtime and safeguard patient care.
The Internet of Things (IoT) has improved healthcare with devices that monitor patients, automate tasks, and offer advanced diagnostics. However, these devices are also high-risk entry points for cyberattacks. Hospitals must ensure that network-connected devices are included in their cybersecurity strategies. Unsecured devices are a ticking time bomb that attackers can exploit to disrupt care.
While many organizations focus on direct attacks, supply chain compromises can be just as damaging. If a third-party vendor’s systems are compromised, it can have cascading effects on hospital operations. Vendor risk management should be a core component of any healthcare organization’s cybersecurity plan.
Ransomware continues to be the most damaging type of attack on hospitals. Attackers target healthcare organizations because they know the stakes are high, and organizations may feel pressured to pay to resume operations. Hospitals must harden their defenses against ransomware, including backups, endpoint security, and incident response plans.
The report identified insufficient staffing and a lack of in-house expertise as major barriers to improving cybersecurity. Healthcare organizations need to prioritize cybersecurity staffing and training, just as they would any other clinical role.
Cyberattacks like ransomware can shut down key systems, including patient records, scheduling tools, and medical devices. When hospitals can’t access these systems, it leads to delays in procedures, tests, and treatments, which can negatively impact patient outcomes.
Hospitals hold valuable patient data and rely heavily on digital systems for care. Hackers know that hospitals may pay ransoms quickly to restore operations, making them attractive targets.
Hospitals need to move from reacting to attacks to preventing them. This includes securing connected devices, training staff, developing response plans, and investing in stronger cybersecurity tools to protect patient care.