The healthcare sector faces a consistent threat from both nation-state and eCrime adversaries.
Nation-state adversaries have traditionally targeted the healthcare sector for espionage purposes, seeking proprietary and research information that can support their own nation’s efforts in the industry. In the eCrime landscape, ransomware operations and information theft against healthcare entities are assessed to pose a persistent threat. Multiple operations, including those conducted by Big Game Hunting (BGH) adversaries, have been observed targeting this sector with operators exfiltrating information prior to initiating their ransomware, placing additional pressure on the victim by threatening to expose potentially sensitive and personal information.
With the emergence of the COVID-19 pandemic in 2020, the healthcare sector has further come under acute risk of cyber exploitation. The COVID-19 pandemic has initiated a wave of cyber activity from both eCrime and nation-state adversaries that are taking advantage of the uncertainty around the pandemic to launch spam campaigns, or—in the case of targeted intrusion adversaries—have new collection requirements on scientific information that could assist a national government in its COVID-19 response and vaccine development.