If you work in Life Sciences or Healthcare, the cyberthreat landscape for the last two years has been a frightening one. The sectors’ centrality to the COVID-19 pandemic coupled with the acceleration and expansion of digital communication and collaboration channels and processes, the life sciences and healthcare sectors have been a top target for threat actors.


To understand the current cyberthreat landscape and the position of companies in the life sciences and healthcare industries, the Health Information Sharing and Analysis Center (H-ISAC) surveyed 132 executives from various organizations within these industries and their subsectors.

The November 2021 survey asked executives to rank their greatest cybersecurity concerns, with the intent to “help influence cybersecurity budget and investment decisions for senior leaders and practitioners in the healthcare sector by providing an overview of the current cyberthreat landscape and projections going forward.”

Here’s what you need to know.

What are Life Sciences and Healthcare Companies Worried About?

During the pandemic, threat actors doubled down on ransomware attacks and scams, targeting almost every aspect of the two sectors – from the supply chains, to the employees, to the third-party providers they’re relying on. These attacks resulted in massive financial damage and loss of intellectual property. According to the U.S. Federal Bureau of Investigation (FBI), financial losses due to cybercrime among US companies have increased from $1.5 billion to $6.9 billion. 

The survey respondents included executives (e.g., CEOs, CISOs, CFOs) across life sciences sectors (e.g., pharmaceuticals, biotech), various healthcare organizations, and healthcare subsectors (e.g., providers, payers, medical device manufacturers, health IT).

According to them, the top threats are:

  • Ransomware Deployment 
  • Phishing/Spear-Phishing Attacks 
  • Third-Party/Partner Breach 
  • Data Breach 
  • Insider Threats

What’s notable about these risks is that an increasing number of them are executed by both nation-state and organized cybercriminal threat actors. As the pandemic continues to make life difficult for the world in general, threat actors continue to conduct cyber espionage to steal vaccine and treatment information while cybercriminals lock up or expose data for financial reward.

The most prominent state-sponsored attacks have been traced back to China and Russia;  in particular, Advanced Persistent Threat (APT) groups from these countries have made headlines and wreaked havoc on life sciences and healthcare companies in the US.

Cyber espionage from nation-state activity will continue to increase. Geopolitical issues – such as tensions between Russia and Ukraine, and China and Taiwan – will continue to be reflected in cyberspace. There are no indications of these threats progressing into destructive malware or life-threatening attacks. However, we can expect to continue to see intellectual property (IP) and sensitive data theft carried about by these nation-state threat actors.

Taking Health Records Hostage

The advancements in technology for healthcare and life science organizations have resulted in unprecedented interconnectedness and the breakdown of data and communication silos.

However, this has also opened up opportunities for bad actors and expanded the landscape of cyber threats in life sciences and healthcare. From these industries, threat actors continue to attempt stealing personally identifiable information (PII), because it’s one of the most lucrative data sets that cybercriminals can sell on the black market. According to the report:

“Threat actors can expect to receive $1 per stolen Social Security Number or credit card number but can demand $50 for a partial health record.”

Healthcare companies suffer costly repercussions, legal dilemmas, and disruptions to life-saving care and emergencies, all because of stolen patient data. Unfortunately, most remote medical devices are unprotected, not easy to update, and virtually open up various entry points for threat actors.

Threat actors will continue to exploit opportunities from vaccine data and research around the COVID-19 pandemic. Moreover, there will be an increase in Ransomware-as-a-Service (RaaS) and commodified malware attacks, as cybercrime groups double down on this new attack model and become more agile.

Cybercriminals will also continue to leverage underhanded tactics, like targeting critical systems and threatening to disclose sensitive patient data, to try and force healthcare providers to pay off the ransom immediately without allowing time for investigation.

While the top five cyber threats in life sciences and healthcare stated above may come as no surprise, it’s worth noting the shift in tactics to deliver malware/ransomware, phish employees, etc. The 2020 Verizon Data Breach Investigations Report noted a sharp increase in social engineering. Additionally there was a sea change in breach behavior, with 85% of breaches the result of exploiting a human vulnerability, as opposed to just 3% accessing systems via application vulnerabilities.

To learn more, read Health-ISAC’s First Annual Current and Emerging Healthcare Cyber Threat Landscape here.

A More Robust Cybersecurity System Is in Demand

Attacks on healthcare, biotech, and pharmaceutical industries will only continue to get worse. And while digital communication tools can drive faster innovation and transform provider communications and field force interactions with HCPs, securing these systems is still top priority. Advanced Natural Language Understanding that can glean the context and intent of communications can help enterprises spot social engineering early, and interrupt attacks earlier in the kill chain.

Streamlining your security and compliance oversight to reduce your business communication overall risk profile is key to facing cyber threats in life sciences and healthcare today. Contact SafeGuard Cyber to find out how you can secure your cloud workplace and detect and respond to communication risks today.

If you are interested in learning more about the SafeGuard Cyber solution, you can take a quick 5-minute tour.

Explore Security Product