Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    USMNT Defeat Bosnia 2-0 as Italy’s Absence Raises Questions in World Cup Shock Takeaways

    July 2, 2026

    Way Of The Sword’s Release Date Has Been Pushed Up To Avoid The Pre-GTA 6 Scramble

    July 2, 2026

    Colin from Accounts: Season Three Trailer Released Ahead of Comedy Series’ Paramount+ Premiere – canceled + renewed TV shows, ratings

    July 2, 2026
    Facebook X (Twitter) Instagram
    Select Language
    Facebook X (Twitter) Instagram
    NEWS ON CLICK
    Subscribe
    Thursday, July 2
    • Home
      • United States
      • Canada
      • Spain
      • Mexico
    • Top Countries
      • Canada
      • Mexico
      • Spain
      • United States
    • Politics
    • Business
    • Entertainment
    • Fashion
    • Health
    • Science
    • Sports
    • Travel
    NEWS ON CLICK
    Home»Health & Fitness»US Health & Fitness»Hospital Networks are Becoming Targets in Cyberwarfare, and They’re Unequipped to Deal With It
    US Health & Fitness

    Hospital Networks are Becoming Targets in Cyberwarfare, and They’re Unequipped to Deal With It

    News DeskBy News DeskJuly 2, 2026No Comments7 Mins Read
    Share Facebook Twitter Pinterest Copy Link LinkedIn Tumblr Email VKontakte Telegram
    Hospital Networks are Becoming Targets in Cyberwarfare, and They’re Unequipped to Deal With It
    Share
    Facebook Twitter Pinterest Email Copy Link

    In March, a major cyberattack hit Stryker, one of the world’s largest medical technology companies. The group that claimed responsibility, Handala, is linked to Iran, and the hackers were explicit about their reasoning: the attack was retaliation for U.S. military strikes on Iranian targets. A healthcare company was chosen deliberately as a target in an active military conflict.

    That simple motivation is what makes this incident worth pondering. State-linked cyberattacks are nothing new, and healthcare has been in their crosshairs before. What has changed, however, is the sheer brazenness of it. 

    The question facing hospital cybersecurity leaders today is no longer whether they will be collateral damage in a broader war; it’s how to reckon with adversaries who will target healthcare for ideological or political reasons — hackers may not have any particular interest in quick resolutions. 

    The cold logic behind targeting healthcare

    The commercial incentives of targeting healthcare with cyberattacks are well known: hospitals are stores of valuable records, they face a certain level of operational pressure that incentivizes fast ransom payments, and their security teams are under-resourced and stretched thin. 

    But this sector makes an attractive target for state-aligned actors simply because it’s an effective military strategy. Hospitals are civilian infrastructure with a direct bearing on national resilience. Disable them and you unnerve public morale, overwhelm emergency capacity, and generate the kind of civilian pressure that makes sustained conflict politically costly. 

    The complication for security teams is that states and hacking groups frequently operate arm in arm, though not openly. Hostile governments covertly back organized criminal infrastructure to conduct cyber operations precisely because it provides plausible deniability. 

    A ransomware group can appear financially motivated while operating with state resources or protection. North Korea’s Maui ransomware campaign is a good example. Active since at least 2021, the campaign targeted U.S. hospitals and healthcare systems, encrypting records, diagnostics, and imaging services. A North Korean government hacker was later indicted for the attacks.

    For hospital security leaders, this changing reality means the incident response processes that were built to address financially motivated adversaries need revisiting. Ransomware gangs want a resolution, and prolonged downtime costs them leverage, while hackers looking to steal data likely don’t care either way. A geopolitically motivated actor may want exactly the opposite. 

    The target is not just hospital security, it’s the entire supply chain

    Part of what makes this threat model effective is that indirect attacks can be just as damaging, if not even more. Modern hospital networks are complex and have multiple external dependencies — pathology providers, device manufacturers, cloud platforms, and payment processors all have a direct effect on operations. Breaching any part of the supply chain can produce consequences inside hospitals that their security system has no ability to prevent or address.

    Such supply chain vulnerabilities have already been exploited. In June 2024, a ransomware group called Qilin attacked Synnovis, a pathology services provider for several major London hospitals. The hospitals themselves weren’t breached, but because Synnovis processed roughly 100,000 blood tests a day, the downstream consequences were immediate across the greater London area. Blood transfusions were disrupted, test results stopped flowing, and operations were canceled. In at least one case, a patient was pulled from the table moments before open-heart surgery because the blood bank system was down.

    The Qilin ransomware cybercrime gang is said to operate freely from within Russia. The former head of the U.K.’s National Cyber Security Centre stated that the group was unlikely to have known they would cause such severe healthcare disruption, and that they were mainly looking for a ransom. 

    But within weeks of the attack, Qilin justified the operation to the BBC as a form of political protest, revenge for the U.K.’s involvement in an undisclosed war. 

    A year later, it emerged that a patient had died during the attack, partly due to delays in blood test results.

    That’s the stark reality facing hospitals today. Even if we assume, generously, that Qilin didn’t fully anticipate the full impact of their attack, the result was a gridlocked hospital system and a patient casualty. 

    A state-sponsored group that does understand the importance of its target and targets those dependencies on purpose wants such outcomes from the start. 

    What hospitals need to do differently

    The examples above point to the same operational gap: most hospital cybersecurity systems were built to respond to a different kind of threat actor. Perimeter defense, patching cycles, and compliance reporting are often designed with financially motivated adversaries in mind, or are meant to safeguard patient or hospital data from thieves. That model needs updating.

    To properly protect against politically motivated actors, hospitals must reevaluate their security stance as it relates to third-party dependencies. Security teams need a clear picture of which external relationships, if disrupted, would hamper care delivery, and what IT operations could look like without them.

    Continuity planning needs a similar rethink. Most downtime planning assumes systems will be unavailable for hours, but a committed threat actor with more sinister motivations, especially during wartime, could take systems down for days. Clinical and operational leadership need to get ahead of such scenarios. When systems go down in a real incident, the people responsible for patient safety must have a plan for maintaining patient care.

    The third gap is intelligence. Generic cybersecurity feeds cover the landscape broadly, but aren’t built to surface the specific threat actor behaviors, attack patterns, and vendor vulnerabilities that matter to healthcare. Sector-specific information sharing networks exist to close that gap, providing early warning and peer experience from organizations that have already navigated these incidents. A hospital without access to that information sharing community is likely to make decisions with significantly less information than it could have.

    Lastly, it’s important to revisit the basics of security. When done well, a robust security system that covers the technicals properly will be well-positioned to defend against all kinds of attacks and motivations, regardless of who the threat actor is or what they are targeting. 

    Besides strengthening security posture, security teams can’t close all of these gaps on their own. Dependency mapping, continuity planning, and intelligence access are all operational and governance matters. They require decisions that only executive and board-level leadership can make. 

    The stakes are already clear

    The recent Stryker attack and the Synnovis case in 2024, are real examples of healthcare infrastructure being used to create real harm during conflict, and patients ended up paying the price. 

    Healthcare has spent years building the digital ecosystem that makes modern care possible. Every nation-state with a strategic reason to apply pressure, whether the conflict is active today or not, has that infrastructure on its list of targets.

    The healthcare industry needs to reckon with that threat directly, at the leadership level, and reject the comfort of assuming it won’t happen to them.

    Photo: Traitov, Getty Images


    Errol Weiss joined Health-ISAC in 2019 as its first Chief Security Officer and created a threat operations center headquartered in Orlando, Florida to provide meaningful and actionable threat intelligence for IT and infosec professionals in the healthcare sector.

    Errol has over 25 years of experience in Information Security beginning his career with the National Security Agency (NSA) conducting penetration tests of classified networks. He created and ran Citigroup’s Global Cyber Intelligence Center and was a Senior Vice President Executive with Bank of America’s Global Information Security team.

    This post appears through the MedCity Influencers program. Anyone can publish their perspective on business and innovation in healthcare on MedCity News through MedCity Influencers. Click here to find out how.

    cyber crime cyberattacks health IT hospital cybersecurity hospitals
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Telegram Copy Link
    News Desk
    • Website

    News Desk is the dedicated editorial force behind News On Click. Comprised of experienced journalists, writers, and editors, our team is united by a shared passion for delivering high-quality, credible news to a global audience.

    Related Posts

    US Health & Fitness

    Why the Office of Personnel Management Needs Access to Government Employee Health Plan Claims Data

    July 2, 2026
    US Health & Fitness

    FDA Clears First Neurostimulation Device for PTSD

    July 2, 2026
    US Health & Fitness

    Orca Bio Cell Therapy Gets Landmark FDA Nod for New Kind of Living Medicine

    July 2, 2026
    US Health & Fitness

    Evernorth Invests $100M for AI Specialty Pharmacy Program

    July 1, 2026
    US Health & Fitness

    MedCity FemFwd: Inside Winona’s New Women’s Health Research Initiative

    July 1, 2026
    US Health & Fitness

    Your Healthcare AI Strategy Is Probably an Architecture Problem

    July 1, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Don't Miss

    USMNT Defeat Bosnia 2-0 as Italy’s Absence Raises Questions in World Cup Shock Takeaways

    News DeskJuly 2, 20260

    Things in Italy are worse than we thought.That was one of the less expected but…

    Way Of The Sword’s Release Date Has Been Pushed Up To Avoid The Pre-GTA 6 Scramble

    July 2, 2026

    Colin from Accounts: Season Three Trailer Released Ahead of Comedy Series’ Paramount+ Premiere – canceled + renewed TV shows, ratings

    July 2, 2026

    Not Vaibhav Suryavanshi! Ajay Jadeja names India’s original ‘Boss Baby’ after explosive knock in Durham T20I

    July 2, 2026
    Tech news by Newsonclick.com
    Top Posts

    Password manager Dashlane says hackers stole some customers’ password vaults

    June 2, 2026

    3 Dollars reveal debut EP Plus Tax

    June 2, 2026

    Anil Kumble predicts India’s playing XI for one-off Test against Afghanistan

    June 2, 2026

    Unions flex muscle as states weigh data center rules

    June 2, 2026
    Stay In Touch
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    Editors Picks

    USMNT Defeat Bosnia 2-0 as Italy’s Absence Raises Questions in World Cup Shock Takeaways

    July 2, 2026

    Way Of The Sword’s Release Date Has Been Pushed Up To Avoid The Pre-GTA 6 Scramble

    July 2, 2026

    Colin from Accounts: Season Three Trailer Released Ahead of Comedy Series’ Paramount+ Premiere – canceled + renewed TV shows, ratings

    July 2, 2026

    Not Vaibhav Suryavanshi! Ajay Jadeja names India’s original ‘Boss Baby’ after explosive knock in Durham T20I

    July 2, 2026
    About Us

    NewsOnClick.com is your reliable source for timely and accurate news. We are committed to delivering unbiased reporting across politics, sports, entertainment, technology, and more. Our mission is to keep you informed with credible, fact-checked content you can trust.

    We're social. Connect with us:

    Facebook X (Twitter) Instagram Pinterest YouTube
    Latest Posts

    USMNT Defeat Bosnia 2-0 as Italy’s Absence Raises Questions in World Cup Shock Takeaways

    July 2, 2026

    Way Of The Sword’s Release Date Has Been Pushed Up To Avoid The Pre-GTA 6 Scramble

    July 2, 2026

    Colin from Accounts: Season Three Trailer Released Ahead of Comedy Series’ Paramount+ Premiere – canceled + renewed TV shows, ratings

    July 2, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • About Us
    • Editorial Policy
    • Privacy Policy
    • Terms and Conditions
    • Disclaimer
    • Advertise
    • Contact Us
    © 2026 Newsonclick.com || Designed & Powered by ❤️ Trustmomentum.com.

    Type above and press Enter to search. Press Esc to cancel.