+353-1-416-8900REST OF WORLD
+44-20-3973-8888REST OF WORLD
1-917-300-0470EAST COAST U.S
1-800-526-8630U.S. (TOLL FREE)

Coronavirus Disease 2019 (COVID-19) Case Study - A Look at Increased Cybersecurity Risk Across the Healthcare Industry

  • PDF Icon


  • 66 Pages
  • September 2020
  • Region: Global
  • GlobalData
  • ID: 5147741
Coronavirus Disease 2019 (COVID-19) Case Study - A Look at Increased Cybersecurity Risk Across the Healthcare Industry


The COVID-19 pandemic has increased cyber risk significantly, with certain situations being exploited by malicious actors during the crisis. This includes a rush to utilize remote working with little time to plan or train employees, a high demand for personal protective equipment (PPE), lockdown measures, reduced mobility, and increased fear and anxiety among the public. This case study contains a review of the rise in cyber attacks on the healthcare industry seen during the COVID-19 pandemic, with examples of attacks on biopharmaceutical and research companies, hospitals, payers, and other healthcare providers.

Key Highlights
  • Hospitals and healthcare providers are particularly vulnerable to attacks. For most hospitals and other healthcare providers, focus and resources during the COVID-19 healthcare emergency have been on fighting the pandemic. Unfortunately, this means that many have been left vulnerable to cynical cyber attacks. Smaller organizations or those that have not invested in cybersecurity could be particularly vulnerable to attacks. These vulnerabilities will only be heightened further with increased use of virtual care and connected devices during the pandemic, such as telemedicine and remote patient monitoring. Healthcare providers need to ensure that basic measures are in place to minimize risk and disruption from cyber attacks.
  • Hospitals and healthcare providers will be supported by the cybersecurity community during the pandemic. Initiatives by leading cybersecurity companies will help keep many hospitals and healthcare providers safe during the COVID-19 pandemic, allowing them to focus on saving lives. This crisis has highlighted serious gaps in cybersecurity measures undertaken by many healthcare organizations. Criminals will continue to exploit these once the pandemic has abated. Hospitals and providers will need to invest in stronger post-COVID cybersecurity strategies to prevent these attacks in the future.
  • Biopharmaceutical and research companies are prime targets for cyber criminals. The biopharmaceutical and research industries are key targets for state-sponsored groups looking to steal IP and other valuable information, as well as from hacktivists. While some hackers have stated they will not target healthcare providers during the pandemic for ethical reasons, biopharmaceutical and research companies are unlikely to be spared from cyber attacks. Research institutes are particularly vulnerable to attacks as they are smaller organizations with less resources and funding to focus on cybersecurity. The fact that Russia has recently approved the first COVID-19 vaccine should be of considerable concern to those working in the field, and research institutes need to improve their cybersecurity measures significantly.
  • The biopharmaceutical industry was investing in cybersecurity prior to the pandemic. While recent examples show that research institutes are vulnerable to attacks, the biopharmaceutical industry was already investing in this technology prior to the pandemic, with plans to increase spend even more in this area in the future. Compared to research institutes, the biopharmaceutical industry is probably better prepared for a cyber attack. However, companies need to continue to train and educate staff on cybersecurity best practices, especially as remote working becomes the norm.


This case study contains the following -
  • A review of why the healthcare industry is vulnerable to cyber attacks
  • An assessment of the increased risk of cyber attacks during the COVID-19 pandemic
  • An overview of what companies should do to combat the threat of cyber attacks
  • Examples of cyber attacks on hospitals, payers, and other healthcare providers
  • Examples of cyber attacks on biopharmaceutical and research companies
  • Examples of cybersecurity provider responses to the pandemic

Reasons to Buy
  • Get an overview of why the healthcare industry is vulnerable to cyber attacks and what companies should do to combat risk.
  • See examples of cyber attacks across the healthcare industry and what these companies did in response to these.
  • See what cybersecurity providers are responding to the pandemic by providing support to the healthcare industry.

Table of Contents

Why Is the Healthcare Industry Vulnerable to Cyber Attacks?
  • Access to Sensitive Data Leaves the Industry Vulnerable to Cyber Attacks
  • Cyber Attacks Can Have Devastating and Long-lasting Consequences
  • NHS: WannaCry Cyber Attack Led to Widespread Appointment Cancellations
  • FDA Recalls Abbott’s Pacemakers Due to Cybersecurity Vulnerabilities
  • Boston Children’s Hospital: Anonymous DDoS Attack Disrupted Patient Care
  • Merck: NotPetya Cybersecurity Attack on Global Operations
  • Anthem: Email Phishing Cyber Attack Caused Huge Data Breach

Increased Risk of Cyber Attacks as a Result of COVID-19
  • Lockdown Measures Are Being Exploited During the Pandemic
  • Remote Working is Here to Stay
  • Demand for Telemedicine Has Surged During the Pandemic
  • Microsoft Reports Vulnerabilities in Its VPN Appliances Have Been Exploited During the Pandemic
  • Security Bodies Warned of Increased Risk of Cyber Attacks on the Healthcare Industry During COVID-19
  • How Can the Healthcare Industry Combat the Threat of Cyber Attacks?
  • The Need for Security Will Drive Spending Despite the Economic Impact of COVID-19

Cyber Attacks on Hospitals, Payers, and Other Healthcare Providers
  • Hospitals and Healthcare Organizations Have Been Targeted by Cyber Attacks During the Pandemic
  • The World Health Organization
  • US Department of Health and Human Services
  • Illinois Public Health Agency
  • The Affordacare Urgent Care Clinic in Texas
  • Brno University Hospital
  • Assistance Publique - Hopitaux de Paris
  • Magellan Health
  • Blue Cross and AmeriHealth

Cyber Attacks on the Biopharmaceutical and Research Industry
  • Biopharmaceutical Companies and Research Institutes are Currently Major Targets of Cyber Attacks
  • National Security Warnings Issues About Chinese and Russian Cyber Attacks Targeting COVID-19 Research
  • Hammersmith Medicines Research Maze Ransomware Attack
  • University of California, San Francisco NetWalker Attack
  • Cybersecurity Is a Leading Emerging Technology for Pharma
  • Pharma Spend on Cybersecurity Expected to Increase in the Future

Cybersecurity Vendor Response to the Pandemic
  • Cybersecurity Alliances and Companies Are Providing Support to Healthcare Providers in Response to the Pandemic
  • The Cyber4Healthcare Initiative
  • The Cyber Alliance to Defend our Healthcare
  • Other Cybersecurity Resources Available to Healthcare Providers During the Pandemic

Key Takeaways
  • Methodology
  • Our Thematic Research Methodology
  • Abbreviations
  • Related Reports
  • Bibliography
  • About the Authors
  • About the Publisher

Companies Mentioned (Partial List)

A selection of companies mentioned in this report includes, but is not limited to:

  • Merck Inc.
  • National Health Service (NHS)
  • Abbott
  • Anthem
  • Boston Children's Hospital
  • World Health Organization (WHO)
  • US Department of Health and Human Services
  • Magellan Health
  • Independence Blue Cross
  • AmeriHealth New Jersey