Despite significant federal actions to mitigate cybercrime, threats have reached unprecedented levels in the United States. The FBI’s Internet Crime Complaint Center (IC3) reported over $16.6 billion in losses last year, increasing 33% since 2023. While attacks impact all industries, healthcare is the most vulnerable sector due to its high-value data. In fact, according to the HIPAA Journal, 84% of healthcare organizations detected a cyberattack or intrusion in the last 12 months.
These alarming figures highlight the tremendous financial and operational risks faced by healthcare organizations across the country. Yet many healthcare facilities lack the security expertise or bandwidth to combat these serious threats. To boost preparedness, here are four frightening cybercrime trends — each coupled with a best practice — to help establish a proactive healthcare cybersecurity approach:
Phishing Continues to Fuel Cyber Attacks
In 2024, phishing remained the most reported cybercrime, with over 193,000 FBI complaints. Phishing is also the most common entry point for cyberattacks in healthcare, making this frequency even more alarming. Targeted phishing emails trick healthcare employees into clicking malicious links or downloading infected attachments, unknowingly giving cybercriminals access to systems and networks where they may deploy ransomware.
Best practice:
To proactively combat these types of attacks, organizations can start by conducting regular security awareness training (SAT) to instill a security-conscious culture among employees. Training may include deploying quarterly education modules, regularly testing staff with simulated phishing emails, or sending a monthly tips newsletter. These strategies help staff recognize and avoid social engineering tactics. Additionally, health organizations should apply the principle of least privilege to user access. Restricting the number of users with elevated permissions makes it more difficult for attackers who compromise one account to gain full access to the system environment.
Advancing Complexity of Ransomware Threats
According to the FBI Internet Crime Report, ransomware attacks increased by 9% from the previous year, primarily targeting critical infrastructure sectors like healthcare. Along with higher-frequency breaches, the sophistication and severity of these attacks have also increased. Threat actors have evolved into organized crime groups or military units, often targeting overwhelmed healthcare organizations.
Best practice:
To stay ahead of threats, HIT leaders must make strategic investments in security tools. Since most ransomware breaches begin on desktops, laptops, or mobile devices, it is critical for security teams to use managed detection and response (MDR) to protect these endpoints before a breach occurs. Used in conjunction with security information and event management (SIEM) tools, MDR lets IT teams detect potential threats and alert leadership. Additionally, implementing multi-factor authentication (MFA) across systems adds a layer of protection beyond employee passwords and helps secure networks.
Rising Toll of Data Breaches in Healthcare
The number of patients impacted by data breaches has risen significantly, jumping by 64.1% compared to the previous year, according to the HIPAA Journal. With nearly 277 million breached records reported last year, cyberattacks have impacted data belonging to nearly 81% of the U.S. population. Such breaches cause severe disruptions for patients and providers — including medication delays, compromised care, hindered claims submission, and widespread operational inefficiency.
Best practice:
To maximize prevention, healthcare organizations should complete a security risk assessment (SRA) and vulnerability scan to identify potential weaknesses and areas for improvement. Though the specifics of an assessment will vary by organization, the results provide a comprehensive view of all data environments. This full visibility empowers security teams to engage in continuous threat hunting to quickly detect anomalies or suspicious activity across the network — and to remain compliant with the new Notice of Proposed Rule for the HIPAA Security Rule.
Mounting Costs Tied to Data Breaches
In 2024, the global average cost of a data breach reached $4.88 million, a 10% increase from the previous year. Yet the average cost of a data breach in the healthcare industry is higher than in any other, reaching $9.8 million, according to IBM Security. With limited budgets and low operating margins in healthcare, these heightened costs are especially troubling.
Best practice:
One solution for mitigating the cost of a potential breach is to ramp up security staffing, either internally or through a trusted managed security service provider (MSSP) partnership. Reducing staff often seems like a straightforward cost-saving measure. Yet organizations with severe shortages of qualified cybersecurity staff incurred breach costs averaging $1.76 million higher than those with sufficient staffing. A well-resourced security team can close cybersecurity skill gaps across an organization and strengthen defense mechanisms. Furthermore, a robust CSIRT-backed security team can prepare an incident response plan to reduce expensive delays and additional losses if an incident takes place.
Keeping up with the latest cybercrime and security trends can be challenging, especially when faced with the competing priorities of healthcare IT. However, staying informed is not optional. By adopting a proactive cybersecurity approach, HIT leaders can equip organizations with preventative resources, reduce the risk of attack, and minimize breach consequences if one does occur.
©2025 Med Tech Solutions