Why Cyberattacks in the Healthcare Industry are on the Rise

Seeking Network Security Concept Image

“When I was a boy and I would see scary things in the news, my mother would say to me, ‘Look for the helpers. You will always find people who are helping.’”

– Fred Rogers

During these unprecedented times, like most people, we here at Threater are watching in awe as “the helpers”..the nurses, doctors, caretakers, EMTs, and healthcare providers, are risking their own health and making profound sacrifices to fight the COVID-19 outbreak.

Why Healthcare Providers are Targeted by Cyber Criminals

Threater is also keenly aware of the unconscionable attacks by cyber criminals, as they unleash a global onslaught of phishing and ransomware attacks, targeting healthcare providers and medical facilities. These attacks* seek to exploit the crisis by attacking the very heroes and their organizations on the front lines, and when we are at our most desperate.

Threater has almost a decade of experience helping healthcare organizations protect their patient data and critical infrastructure from crippling cyber threats. Over this time, we’ve seen cyber attacks targeting the healthcare industry grow to a billion dollar black market business. According to the 2019 HIMSS Cybersecurity survey, phishing attacks have become a greater threat to the healthcare industry than any other attack vector.

So while disturbing, it is perhaps no surprise that from February to April, Threater saw dropped connections targeting our healthcare customers increase from 900 million to over 1 billion, or a 15% increase in blocked known bad IPs and domains.

How Threater Can Help

Here’s how we can help.

The Threater Threat Intelligence Firewall platform enables healthcare organizations to curate specific protections against these targeted attacks in several ways:

  • We aggregate and integrate 3rd party threat intelligence from trusted sources and cyber-security sharing communities (ISACs and ISAOs). This includes:
    • Threat feeds from commercial providers like DomainTools, Proofpoint, and Webroot, open source, and government sources, like DHS.
    • COVID-19 specific threat feeds from DomainTools. For more information, see our blog: Making COVID-19 Threat Intelligence Actionable.
    • Healthcare sharing communities like H-ISAC.
    • Threat intel from other security solutions including Threat Intelligence Platforms, SIEMs, SOARs and other systems.
  • We make threat intelligence actionable by blocking known threats before they hit your network. We know that phishing attacks (and associated ransomware) remain the most prevalent type of attacks targeting healthcare environments. Our Threat Intelligence Firewall platform blocks connections to malicious domains and IP addresses associated with COVID-specific threats.

In network security, we often use a “what if” scenario to explain the value of our solutions. For our healthcare providers and the networks on which they rely, that “what if” scenario is “now.”

We here at Threater are dedicated to making threat intelligence actionable to protect our way of life….that includes doing what we can to protect the heroes that are protecting life itself.

*If you’d like to know more information about COVID-19 attacks, read our blog: The Very Real Impact of COVID-19 Cyber Threats.

And finally:

For more information on the Threater Threat Intelligence Firewall Platform please visit us at 

If you would like to protect your network by making threat intelligence actionable, contact our team today at