In the first half of 2024, there has been a concerning 32% increase in critical cyber attacks targeting medical organizations, as reported by MTS Red. These attacks pose a serious threat by potentially leading to the leaking of patients’ data, infrastructure destruction, and interruptions in medical services.
MTS Red also highlighted that not only have the number of attacks risen significantly, but their share in the total volume of information security incidents has also increased. While in the first half of the previous year they accounted for approximately 6%, in 2024 they make up almost 19% of the total. This surge is particularly alarming considering that the overall number of attacks on medical organizations has only grown by less than 10% in the same period.
Earlier this year, analysts at MTS observed a rise in hacker attacks targeting critical information infrastructure (KII) objects in Russia, with about 69% of all attacks directed towards related organizations. Among these, the healthcare sector ranks second in terms of attacks, trailing only behind the industry sector.
The rates of cyber threats against the medical field continue to escalate rapidly. In the second quarter, MTS Red documented a 65% increase in attacks on healthcare organizations compared to the first quarter. The months of May and June saw attacks surpassing the average monthly figures from the start of the year by 2-2.5 times.
MTS Red provided insight into why the healthcare sector has become an attractive target for hackers. The industry is heavily digitized, processing vast amounts of personal and confidential data whose exposure could trigger significant repercussions. Furthermore, healthcare is classified as critical information infrastructure, making its operational continuity crucial for the nation’s citizens. Due to the industry’s relatively low cybersecurity maturity, hackers can carry out impactful attacks without the need for extensive financial or resource investments.
Among the most common types of incidents, attempts to circumvent protective measures account for 36% of all attacks. Network attacks and the introduction of malicious software come in second place, each comprising about a quarter of the total attacks. Incidents involving violations of information security policies and unauthorized actions by information system administrators are recorded in 5% of cases.