A new Trellix threat intelligence report warns that rapid digitization and interconnectedness in healthcare have created a dangerous attack surface, with cyber incidents escalating from IT disruptions to a "patient safety crisis," Cybersecurity Dive reports.Based on 54.7 million detections from healthcare environments in 2025, the report identifies email as the top threat vector (85% of detections) and the U.S. as the primary target (75%). A "cascading effect," where one system's disruption paralyzes others, was the defining trend, with research cited showing lethal patient harm and increased mortality rates from attacks.Ransomware groups aggressively exploited sector vulnerabilities: Qilin matured into a high-tempo operation targeting EHR databases, INC Ransom launched 34 attacks, and new groups like Sinobi focused on biotech firms. Notably, extortion-only tactics surged by 300% since 2023, with actors demanding small per-patient ransoms ($50-$500) to bypass corporate insurance. Phishing remained the dominant initial access method (89% of incidents), but lures have evolved to target IT administrators with themes like "AI Transformation."
Threat Intelligence, Critical Infrastructure Security
Trellix: Healthcare cyberattacks now a safety crisis

Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



