Common cybersecurity threats in healthcare

As our hospital centres go deeper into the digital transformation, new digital entry points that must be controlled arise. Each new technology that is adopted, and each new user of the existing technology, is a new entry point for threats to the centre; therefore awareness and training are essential to achieve a safe environment.

There are threats that a user cannot control, or even know are occurring, such as Man-in-the-middle attacks, Denial-of-service and SQL Injection attacks [1], among others. These threats must be prevented by the IT department by establishing a secure environment and keeping the IT infrastructure updated with the latest security measures. But there are many other threats that patients and staff (the users) must be very aware of when working on or using the networks of a connected healthcare environment, such as Ransomware and Phishing; indeed, the users themselves are the most common threat in hospital centres.

Some of the most common threats are ransomware, the lack of employee awareness, and phishing.
Ransomware is a type of malware that encrypts users' personal files, blocking access to them and demanding the payment of a ransom to unlock them again. Attackers use social engineering to trick users into following links or opening files that seem to come from reliable sources. Once the user opens it, the cybercriminal has an open door into the health information system (HIS).

Another common infection method is malicious advertising (malvertising): the use of online advertising to distribute malware with little or no user interaction. While browsing the web, even on legitimate sites, users can be redirected to criminal servers without ever clicking on an advertisement [2].


One of the biggest threats in hospital settings is the lack of employee awareness and education in cybersecurity. This is due to insufficient preparation and a poor understanding of the security policies and good practices that must be followed in hospital centres [3].

“Healthcare employees were the root cause of the majority of healthcare data breaches during the first half of 2019. Egress found that about 63 percent of those breaches were caused by human error: 43 percent due to incorrect disclosure and 20 percent by posting or faxing data to the wrong recipient” [4].


Phishing is an attack that tricks people into sharing confidential information, such as passwords and credit card numbers. The most common form of phishing is an email or text message that poses as a trusted source, for example an email from someone in the organisation, a bank or a government entity.

In most cases the appearance of the email is so similar to the original that users have to pay close attention to detect that it was not sent by the trusted source. The email or message prompts the user to send specific information or to visit a web page that looks identical to the legitimate one.

From there, the user is asked to sign in with their username and password. If the user does so, the login details reach the attacker, who uses them to steal identities, loot bank accounts and sell personal information on the black market [5].
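The indicators the paragraphs above tell users to look for can also be checked mechanically. The following is an added example, not code from the original article or from the author's hospital: it parses two constructed sample emails and flags a sender domain that imitates the organisation's domain, a link whose visible text names one host while its href points to another, and urgent wording pressuring the reader to sign in. The domains hospital.example and bank.example are assumed placeholders for the trusted organisations.

```python
"""Heuristic phishing-indicator checks over a raw email (added example)."""
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed placeholder domains of the organisation and its bank.
TRUSTED_DOMAINS = {"hospital.example", "bank.example"}

# Wording that pressures the reader to act at once, a frequent phishing lure.
URGENCY_WORDS = ("expires today", "immediately", "within 24 hours", "account suspended")


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def edit_distance(a, b):
    """Levenshtein distance: a swapped or added character is a classic lookalike."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain, trusted=TRUSTED_DOMAINS):
    """True if `domain` is not trusted but its first label imitates a trusted one."""
    domain = domain.lower()
    if domain in trusted:
        return False
    d_name = domain.split(".")[0]                 # e.g. "hospital-login"
    for t in trusted:
        t_name = t.split(".")[0]                  # e.g. "hospital"
        if t_name in d_name or edit_distance(t_name, d_name) <= 1:
            return True
    return False


def host_of(url):
    """Hostname of a URL or bare domain, lower-cased."""
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()


def check_email(raw):
    """Return a list of (indicator, detail) tuples found in one raw message."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    if msg["From"]:
        sender_domain = msg["From"].addresses[0].domain.lower()
        if is_lookalike(sender_domain):
            findings.append(("lookalike_sender_domain", sender_domain))
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    parser = LinkCollector()
    parser.feed(text)
    for href, visible in parser.links:
        href_host = host_of(href)
        if "." in visible and host_of(visible) != href_host:   # text shows a URL
            findings.append(("link_host_mismatch", f"{visible} -> {href}"))
        if href_host and is_lookalike(href_host):
            findings.append(("lookalike_link_domain", href_host))
    haystack = ((msg["Subject"] or "") + " " + text).lower()
    findings.extend(("urgency_wording", w) for w in URGENCY_WORDS if w in haystack)
    return findings


# Constructed sample messages (not real mail).
PHISHING_SAMPLE = """\
From: "Hospital IT Support" <it-support@hospital-login.example>
To: nurse@hospital.example
Subject: Your password expires today
Content-Type: text/html

<html><body><p>Your password expires today. Sign in now to keep your access:</p>
<a href="http://hospital-login.example/sso">https://hospital.example/sso</a></body></html>
"""

LEGITIMATE_SAMPLE = """\
From: "IT Department" <it@hospital.example>
To: nurse@hospital.example
Subject: Planned maintenance on Saturday
Content-Type: text/html

<html><body><p>Details on the intranet:
<a href="https://hospital.example/news">https://hospital.example/news</a></p></body></html>
"""

if __name__ == "__main__":
    for name, sample in (("phishing", PHISHING_SAMPLE), ("legitimate", LEGITIMATE_SAMPLE)):
        print(name, check_email(sample))
```

The checks are deliberately simple heuristics for training material: they catch the lookalike domain and link mismatch the text describes, but a mail gateway would combine them with sender authentication and URL reputation rather than rely on them alone.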

Fortunately, all these threats can be explained in cybersecurity awareness training sessions, which limit or reduce the potential impact of such breaches, particularly in healthcare centres.


Toni Alonso

Fundacion Privada Hospital Asil de Granollers, Spain