Trends in Malware Attacks against United States Healthcare Organizations, 2016-2017

Lauren E. Branch, Warren S. Eller, Tom K. Bias, Michael A. McCawley, Douglas J. Myers, Brian J. Gerber, John R. Bassler

Research output: Contribution to journalArticlepeer-review

12 Scopus citations


Introduction: The healthcare industry has begun seeing a new hazard develop against them-the threat of cyberattack. Beginning in 2016, healthcare organizations in the United States have been targeted for malware attacks, a specific type of cyberattack. During malware incidents hackers can lock users out of their own network to gain access to information or to hold the organization for ransom. With the increase in medical technology and the need for access to this information to provide critical care, this type of incident has the potential to put patient lives and safety at risk. Methods: A content analysis was conducted to assess the trend of attacks on healthcare organizations. U.S. Healthcare IT News and Becker’s Hospital Review were used to collect all publicly reported malware attacks against U.S. healthcare organizations between 2016 and 2017. A logic diagram was also developed to illustrate how hackers gain access to a healthcare network using malware. Results: There were 49 cases of malware attacks against U.S. HCOs identified. The attacks occurred across 27 states, and they took place during 18 out of 24 months. Six of the organizations reported paying ransom, whereas 43 organizations did not pay or did not report payment to the press. Impacts of these attacks range from network downtime to patient and staff records being breached. Discussion: Malware attacks have the potential to impact care delivery as well as the healthcare facility itself. Even though this study identified 49 malware attacks, we know this number is significantly higher based on data from HIMSS and the FBI. A reporting loophole exists in that hospitals are only required to report attacks in the case of breached protected health or financial data. For HCOs to fully understand the risk cyberthreats pose, it is important for attacks to become public information and for lessons learned to be shared. Future research reviewing identified attacks could help identify best practices for the healthcare industry to better prepare for cyberattacks.

Original languageEnglish (US)
JournalGlobal Biosecurity
StatePublished - 2019


  • Cyberattack
  • Healthcare
  • Hospitals
  • Malware
  • Ransomware
  • Threat
  • Trends
  • United States

ASJC Scopus subject areas

  • Law


Dive into the research topics of 'Trends in Malware Attacks against United States Healthcare Organizations, 2016-2017'. Together they form a unique fingerprint.

Cite this