Trustwave Blog

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report

Written by | Mar 26, 2025
  • Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare organizations, from ransomware to third-party threats.
  • Key Findings from the 2025 Trustwave Risk Radar Report – Explore critical insights on healthcare cybersecurity, attack trends, and the growing need for compliance.
  • Protecting Patient Data and Systems – Learn how healthcare providers can strengthen cybersecurity defenses and mitigate risks from evolving cyber threats.

The healthcare industry, with its highly prized electronic health records, a myriad of connected devices, continued use of legacy systems, and expanding telehealth services, is a premier target for threat actors.

To properly dissect the issues facing the healthcare industry, Trustwave SpiderLabs has updated its earlier healthcare cybersecurity coverage with the just-released 2025 Trustwave Risk Radar Report: Healthcare Sector - A New Era of Cybersecurity Challenges.

While previous Trustwave SpiderLabs reports focused on attack flows and threat actors in this industry, the new report takes on the emerging threats facing healthcare organizations.

The primary report is joined by two companion pieces:

There are also three accompanying webinars in which Trustwave SpiderLabs experts will explain the reports’ findings in greater detail.

  • The 2025 Healthcare Risk Radar Report: The latest trends in healthcare cyber threats
  • Deep Dive on Ransomware Trends and Impacts: How attackers are targeting patient care
  • Deep Dive on Unmasking Security Gaps: A real-world attack, analyzed step-by-step

Register here for all three webinars.

The report emphasizes that cybersecurity in healthcare is not just about protecting data—it's about safeguarding lives. Keeping these facilities secure is a fundamental obligation that mirrors the physician's Hippocratic Oath of "primum non nocere" or "do no harm".

By the Numbers: The Threats Facing Healthcare

How dangerous are these threats? The average data breach cost exceeds $9.7 million, double the cross-industry average of $4.8 million, but the true cost and threat lie in the potential for compromised patient safety.

The report's findings note:

  • 45% of attacks exploited public-facing applications, and 56% of those involved Log4j.
  • 21% of all ransomware attacks targeted public health and government healthcare targets.
  • 51% of ransomware attacks targeting the healthcare industry struck US-based companies.
  • The threat group Ransomhub was responsible for 9% of all attacks.
  • Third-party threats within supply chains continue to pose significant risks to compliance efforts.

Setting the Stage for Success

This report equips healthcare professionals with the knowledge and strategies necessary to navigate this complex cybersecurity terrain, ensuring that patient safety, data integrity, and regulatory compliance remain paramount in the face of evolving cyber threats.

Trustwave SpiderLabs includes detailed descriptions of the adversarial groups that favor healthcare targets, the gaps our researchers have found in healthcare cybersecurity, and how lapses in patching and credential management allow attackers access.

The report also breaks down and explains the maze of compliance regulations these organizations must navigate daily and the risk posed by the long and involved supply chains required for these facilities to operate at peak efficiency. Addressing third-party threats within these supply chains is critical for maintaining cybersecurity resilience in healthcare.

The healthcare industry must remain vigilant in fortifying its defenses. The 2025 Trustwave Risk Radar Report: Healthcare Sector provides a crucial roadmap for healthcare organizations to understand emerging threats, mitigate risks, and protect both patient data and lives. By shedding light on adversarial tactics, security gaps, and ransomware trends, this report empowers healthcare leaders to take proactive measures in securing their networks, systems, and supply chains.