Healthcare Under Continuous Cyber Pressure, ISAC Warns

Ransomware crews, financially motivated groups, and some state-linked actors are all targeting providers, payers, and health tech vendors at once, driven by the sector’s low tolerance for downtime and the resale value of PHI. The advisory flags three pressure points: 1) third-party and supply-chain services that, if disrupted, can halt claims, pharmacies, or imaging; 2) internet-exposed or poorly segmented clinical/IoMT systems that give attackers fast lateral movement; and 3) uneven patching and identity controls across large health systems. Health-ISAC urges members to tighten external exposure, enforce MFA and privileged-access controls, increase logging/telemetry around vendor connections, and make incident response a board-visible function, because recent Change Healthcare–style events proved that one compromised service can cascade across the entire care ecosystem.

Source.