Healthcare Threat Trends Report 2022

Darktrace’s early indicator analysis of the threats facing the healthcare sector over the last year paints a picture of a global healthcare sector that remains a top target for cyber-criminals who are particularly hungry for patient data.

Security teams remain over-stretched and under-resourced in the sector, particularly as the recovery from a global pandemic continues. Cyber attackers continue to target the sector because of its reputation for low cyber maturity, and its wealth of sensitive data-stores. Attackers are not only seeking out protected health information (PHI) to conduct standard identity theft and extortion of victims but also seek to access prescriptions, other medical services and even to file false insurance claims.

Data exfiltration is a common technique used in sophisticated ransomware attacks – an attack method renowned for its ability to cause disruption to normal operations. The prominence of data exfiltration in the healthcare sector indicates a high risk of such disruption, which can directly impact patient care, as well as the risk of significant financial loss for a sector that already runs on tight budgets.

In 2022 the UK and Australian healthcare sector saw a notable rise in data exfiltration. In the US healthcare sector there was a decrease in data exfiltration threats, but the attack type remained in the top three most common malicious activities observed in the sector. Despite this, data exfiltration remained a significant challenge to the global healthcare sector in 2022.