Threat Intelligence, Critical Infrastructure Security

Trellix: Healthcare cyberattacks now a safety crisis

A new Trellix threat intelligence report warns that rapid digitization and interconnectedness in healthcare have created a dangerous attack surface, with cyber incidents escalating from IT disruptions to a "patient safety crisis," Cybersecurity Dive reports.

Based on 54.7 million detections from healthcare environments in 2025, the report identifies email as the top threat vector (85% of detections) and the U.S. as the primary target (75%). A "cascading effect," where one system's disruption paralyzes others, was the defining trend, with research cited showing lethal patient harm and increased mortality rates from attacks.

Ransomware groups aggressively exploited sector vulnerabilities: Qilin matured into a high-tempo operation targeting EHR databases, INC Ransom launched 34 attacks, and new groups like Sinobi focused on biotech firms. Notably, extortion-only tactics surged by 300% since 2023, with actors demanding small per-patient ransoms ($50-$500) to bypass corporate insurance. Phishing remained the dominant initial access method (89% of incidents), but lures have evolved to target IT administrators with themes like "AI Transformation."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds