Arctic Wolf has recently observed a campaign targeting the healthcare sector, where victims visiting the widely used physical therapy video site HEP2go are redirected to a fake CAPTCHA webpage when they attempt to visit multiple parts of the website. This CAPTCHA provides instructions that trigger PowerShell code execution and the eventual loading of infostealer malware.

Healthcare organizations managing multiple websites must protect Protected Health Information (PHI) while complying with HIPAA, HHS regulations, state laws, and global privacy requirements. Feroot DataShield AI provides automated monitoring and protection across distributed healthcare web environments.

Healthcare breaches don’t just steal data; they erode trust, disrupt care, and cost millions. The 2015 Anthem data breach compromised 78.8 million records. Since then, attacks have only grown in frequency and sophistication, pushing the average healthcare breach cost to.1 million in 2022 (IBM’s Cost of a Data Breach). For years, healthcare security has focused on perimeter defenses, yet breaches keep escalating.

There are a number of significant changes coming to Healthcare Cybersecurity requirements. While not all are finalized, they point the way towards Health and Human Services tightening the controls and requirements.

When it comes to security, 2024 was unfortunately a standout year for the healthcare sector. Kroll found that the healthcare industry was the most breached, had fairly immature incident response practices, and unfortunately suffered numerous cyberattacks culminating in a year that left healthcare boards thinking deeply of the overall risk to their businesses.

Community Health Center (CHC) is a non-profit founded in 1972 and headquartered in Middletown, Connecticut. It offers a broad range of services, including dentistry, primary care, urgent care, specialty medical services, and behavioral health. CHC provides healthcare services to residents in various parts of the state, including Bristol, Hartford, Waterbury, Middletown, Stamford, and New Britain.

Following the World Health Organisation (WHO) hosting a webinar to discuss the critical importance of cybersecurity in the healthcare sector, it is clear the severity of the situation the industry is facing is coming to the fore. Healthcare organizations are increasingly relying on digital systems to facilitate their daily workflow, but the prevalence of outdated legacy technology in the sector is rendering it vulnerable to cyberattacks with severe consequences.