Managing Cyber Attacks in the Health Care Industry

The health care industry is more susceptible to cyber attacks than any other industry today.

Key takeaways

This key takeaway was generated through LLMs crawling the page and coming up with an overview of the content.

The article explains that the health care industry is significantly more vulnerable to cyber attacks than other sectors, citing research showing much higher rates of data theft, security incidents, advanced malware, and phishing. It highlights common threat sources such as external hackers, third-party data sharing, employee breaches, and inadequate network controls, and notes that recent EHR adoption and high-value patient data increase risk. The piece recommends proactive defenses—early threat detection, user education, breach response planning—and specifically suggests leveraging DNS infrastructure and DNS firewalls to block malicious activity before it reaches critical applications and services.

Why is the health care industry more attractive to cybercriminals according to the article?

The article indicates health care is more attractive because organizations hold high-value patient data and many have only recently implemented electronic health record (EHR) systems, meaning mature data protection practices may be lacking. These factors, combined with documented higher likelihoods of data theft, security incidents, advanced malware, and phishing, create a fertile environment for attackers. Additionally, common operational weaknesses—such as sharing data with third parties, employee breaches, wireless computing risks, and inadequate firewalls—further increase appeal to cybercriminals.

What specific threats and their prevalence does the article identify for health care organizations?

The article cites research showing health care is 200% more likely to encounter data theft, 340% more likely to be targeted by security incidents and attacks, 400% more likely to be impacted by advanced malware, and 74% more likely to be affected by phishing schemes. It also lists the most common threat sources and their prevalence: external hackers (65%), sharing data with third parties (48%), employee breaches/theft (35%), wireless computing (35%), and inadequate firewalls (27%). KPMG research is referenced noting 81% of health care executives reported malware, botnets, or cyber attacks in the past two years.

How can DNS infrastructure help health care organizations improve their security posture?

The article recommends leveraging DNS infrastructure as an additional layer of protection because DNS is the starting point for connectivity and is used by all devices to reach sites and applications. Implementing a DNS firewall can help block malicious activities at DNS resolution time, preventing connections to malicious domains before they reach critical applications and services. This approach supports early threat detection and containment, complementing user education and breach response measures to reduce the operational impact of attacks.

The health care industry is more susceptible to cyber attacks than any other industry today. Recent research by Raytheon/Websense found some startling trends. Compared to other industries, healthcare is:

  • 200% more likely to encounter data theft
  • 340% more likely to be the target of security incidents and attacks
  • 400% more likely to be impacted by advanced malware
  • 74% more likely to be impacted by phishing schemes[1]

KPMG found that 81% of health care executives reported that their organizations were hit by malware, botnets, and cyber attacks at least once in the past two years[2]. The most common threats to healthcare include:

  • External hackers (65%)
  • Sharing data with third parties (48%)
  • Employee breaches/theft (35%)
  • Wireless computing (35%)
  • Inadequate firewall (27%)[2]

This doesn’t come as a surprise. Because electronic health care record (EHR) systems have only recently been implemented, organizations don’t necessarily have proper data protection best practices in place. Combine that with high-value health care data, and this industry is a breeding ground for cybercriminals.

Recent media coverage of high-profile incidents has encouraged discussions of enterprise security amongst board members. As one analyst remarks, “After seeing their peers and competitors breached, health care organizations understand that now is the time to take steps to defend their organizations from top to bottom.”[3] As a result, health care organizations need to come up with security measures – early threat detection, user education, and breach responses[3] – from the get-go, rather than dealing with the aftermath of cyber attacks.

Leveraging your DNS infrastructure is a good place for additional layers of protection. DNS is the starting point for connectivity and is used by all devices to connect to sites and applications. Creating a DNS firewall can help block malicious activities before they reach critical applications and services.
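The policy decision a DNS firewall makes at resolution time can be sketched as follows. This is an added example, not BlueCat code or any vendor's implementation; the zone names, client addresses, action labels and function names are all constructed for illustration. It matches on label boundaries, lets an allowlist entry override a block, and counts blocked lookups per client for early threat detection.

```python
from collections import Counter

# Constructed policy: zone -> action. A listed zone also covers its subdomains.
BLOCKLIST = {
    "malware-c2.example": "NXDOMAIN",
    "phish-portal.example": "SINKHOLE",
}
# Constructed exception: an allowlisted name always wins over a blocked parent.
ALLOWLIST = {"billing.phish-portal.example"}


def normalize(qname):
    """Lower-case and drop the trailing root dot so matching is consistent."""
    return qname.strip().lower().rstrip(".")


def decide(qname):
    """Return (action, matched_zone) for one query name."""
    labels = normalize(qname).split(".")
    # Walk from the full name up through its parent zones: a.b.c -> b.c -> c.
    # Matching whole labels keeps "notmalware-c2.example" from being blocked.
    candidates = [".".join(labels[i:]) for i in range(len(labels))]
    for zone in candidates:
        if zone in ALLOWLIST:
            return ("ALLOW", zone)
    for zone in candidates:
        if zone in BLOCKLIST:
            return (BLOCKLIST[zone], zone)
    return ("ALLOW", None)


def blocked_clients(query_log):
    """Count blocked lookups per client so affected hosts can be triaged."""
    hits = Counter()
    for client, qname in query_log:
        action, _zone = decide(qname)
        if action != "ALLOW":
            hits[client] += 1
    return hits


# Constructed sample of (client address, queried name) pairs.
SAMPLE_LOG = [
    ("10.20.1.15", "ehr.hospital.example."),
    ("10.20.1.15", "cdn.Malware-C2.example."),
    ("10.20.3.40", "login.phish-portal.example"),
    ("10.20.3.40", "billing.phish-portal.example"),
    ("10.20.1.15", "malware-c2.example"),
]

if __name__ == "__main__":
    for client, count in blocked_clients(SAMPLE_LOG).most_common():
        print(client, count)
```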

Read the full article: Health Care Industry Susceptible to Cyber Attacks.

[1] WEBSENSE® 2015 THREAT REPORT, Raytheon | Websense http://www.websense.com/content/2015-healthcare-industry-drilldown.aspx?cmpid=pr
[2] http://advisory.kpmg.us/content/dam/kpmg-advisory/PDFs/ManagementConsulting/2015/KPMG-2015-Cyber-Healthcare-Survey.pdf
[3] WEBSENSE® 2015 THREAT REPORT, Raytheon | Websense http://www.websense.com/content/2015-healthcare-industry-drilldown.aspx?cmpid=pr


BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.