Home Insights Cyber security
Cyber security

Healthcare Cyber-Attacks: How to Protect Your Patients

Adam Dodds
Adam Dodds
9 January 2025 · 6 min read
Healthcare Cyber-Attacks: How to Protect Your Patients

Cyber-attacks pose an ever-growing threat to Australian healthcare providers. A data breach can not only disrupt services, but also undermines trust in the system as a whole, potentially preventing patients from seeking care. For this reason, it is critical to understand and effectively respond to the most damaging cyber-attacks healthcare organisations are likely to face. One way of doing this is by examining past examples, and the lessons that can be learned from them.

Understanding the Threat of Cyber-Attacks in Australian Healthcare

Health system cyber-attacks have become a top concern in Australia, with this industry being one of the most heavily targeted in recent years. Some reasons for this include:

  • Large amounts of sensitive information handled daily.
  • A lack of proactive cyber security measures, making providers vulnerable to attack.
  • The introduction of new technologies such as Internet of Things (IoT) devices, which typically lack proper security.

Many of these attacks exploit existing vulnerabilities within IT systems to steal or encrypt patient data, which can then be sold or used to extort providers. This surge in targeted cyber-attacks highlights the importance of a strong security posture.

Common Entry Points for Healthcare Cyber-Attacks

Outdated IT Systems and Software

One of the most significant threats facing healthcare is outdated technology. Legacy systems and unpatched software are easy targets, as they often contain known vulnerabilities that are relatively easy to exploit.

To mitigate this risk, healthcare providers should:

  • Regularly update IT infrastructure.
  • Replace outdated systems with modern, secure alternatives.
  • Conduct periodic security audits to identify and address vulnerabilities.
Social Engineering Tactics

Cyber-attacks in healthcare often use social engineering tactics, such as phishing. These are a popular choice because they entirely bypass traditional security measures by exploiting human nature. Threat actors will trick employees into clicking malicious links or sharing login credentials, granting them access to sensitive networks and data.

Healthcare providers can prevent these threats by:

  • Training staff to recognise phishing attempts.
  • Verifying suspicious emails and links before taking action.
  • Implementing email filtering systems to block malicious messages.

Exploring Some High-Profile Healthcare Cyber-Attacks

Case studies can help demonstrate the impact of health system cyber-attacks. Some high-profile examples include:

Eastern Health Cyber-Attack

Eastern Health, a major public health service located in Melbourne, experienced a cyber-attack in March 2021 that significantly disrupted hospital operations and prevented staff from accessing patient records. This necessitated a switch to manual systems and ultimately delayed operations such as elective surgeries and outpatient appointments, impacting patient care. Eastern Health collaborated with government agencies and security experts to investigate the cause of the breach and restore their systems.

Ardent Health Cyber-Attack

In late 2023, US-based provider Ardent Health services fell victim to a ransomware attack that forced emergency rooms to divert patients. When the incident was first noticed on November 23rd, Ardent responded by taking their network offline and initiating downtime protocols. They then engaged third-party cyber security providers to help them determine the scope of the incident and remove unauthorised access. It is believed that the Ardent Health cyber-attack likely led to some ongoing financial difficulties.

NSW Health Cyber-Attack

In November of 2021, NSW Health experienced a supply chain attack through an old payroll provider called Frontier Software. While NSW Health had stopped using this software years prior, their data of around 1,600 employees remained accessible and was breached. Frontier Software took immediate action to prevent further damage, and monitored the situation to ensure that no data had been uploaded to the dark web. NSW Health informed affected individuals that their data had been breached, and advised them to call IDCARE for support.

Barwon Health Cyber-Attack

The Barwon Health cyber-attack, which occurred in late 2019, disrupted access to IT systems and clinical applications. They initially responded by reverting to manual processes, then collaborated with federal and state government experts to improve their overall cyber security measures and prevent future incidents. The attack was first addressed on October 1st. By the end of that month Barwon was able to confirm that all systems were again operational, and that no patient or staff confidentiality appeared to have been compromised.

Cyber-Attacks in Healthcare: The Impact on Patient Data Security

Cyber threats such as the ones listed above can result in a wide array of negative consequences:

  • Lost data, leading to operational disruptions and worse patient care.
  • Legal consequences, if the provider is found to have neglected data security or failed to comply with regulations.
  • Damaged trust, potentially causing patients to go elsewhere or avoid seeking care.
  • Significant financial costs incurred by the response and recovery process, which can cause long-term harm to providers with limited budgets.

Some of these consequences can impact certain organisations more than others – for example, incidents like the NSW Health cyber-attack often result in particularly severe loss of trust, whereas smaller providers are likely to suffer worse financial difficulties. Healthcare organisations must take a proactive approach to security, to protect themselves and their patients.

Lessons Learned: How to Prevent Healthcare Cyber-Attacks

Regulatory Compliance

Compliance with laws and industry standards is non-negotiable. Frameworks such as the Essential 8 or NIST can help providers ensure that all regulatory requirements are met, reducing the likelihood of legal penalties. Incidents such as the Eastern Health cyber-attack also demonstrate the value of partnering with third-party security services where necessary, to improve overall security.

  • Review and align practices with regulatory requirements.
  • Conduct regular compliance audits to identify gaps.
  • Develop a culture of security awareness across the organisation.
Data Encryption and Secure Communication

Data encryption plays a crucial role in safeguarding patient information. This technique scrambles data so that even if threat actors gain access, they are not able to use it. This is particularly useful for preventing incidents such as the NSW Health cyber-attack, which could have been mitigated had Frontier Software used proper data encryption practices. It is also important to use secure communication channels, especially for conversations where sensitive information is being shared (such as telehealth appointments).

Advanced Threat Protection (ATP) Solutions

ATP solutions provide real-time monitoring and threat detection, enabling a faster response to potential attacks. This is instrumental in preventing incidents like the Barwon Health cyber-attack, where earlier detection could have significantly reduced the amount of damage caused. Endpoint protection, a security operations centre (SOC), and external security providers are all advanced solutions that can help businesses detect and mitigate threats.

Discover how Microsoft’s ATP software can protect your organisation

Make Security a Top Priority in Your Healthcare Organisation

The increasing frequency of cyber-attacks on Australian healthcare providers underscores the need for robust security measures designed to protect sensitive data. From addressing outdated systems to implementing more advanced solutions, a proactive approach can help organisations avoid data breaches and maintain patient trust.

Itopia understands the critical importance of data protection in the healthcare sector. That’s why we provide customised compliance and threat detection solutions, using the Essential 8 framework to strengthen your security posture and prevent breaches. Get in touch with a cyber security expert to learn more about how we can protect your organisation.

Adam Dodds
Adam Dodds

Adam leads the Itopia team in Brisbane, helping professional-services firms get secure, productive and confident with their technology, in plain English.

Keep reading

Related insights

Cyber security
6 min read

AI Phishing: The 2026 Threat Landscape Every Aussie Accountant Needs to Know

Read more →
Cyber security
4 min read

The Cybersecurity Duty of Care: Protecting Law Firms and Client Confidentiality

Read more →
Cyber security
5 min read

Why Financial Services Firms Need to Implement the ACSC Essential 8

Read more →

Want IT advice tailored to your business?

Talk to a local Brisbane technician, no jargon, no obligation.

Get a Quote Call 07 3063 2211