- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Type of Threat or Opportunity >
- Trend snippet: Cyberthreats in the Dutch healthcare sector throughout 2023
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
Cyberthreats in the Dutch healthcare sector throughout 2023
Ransomware and data breaches pose a serious threat in healthcare. This is mainly due to new phishing techniques used by criminals and attackers becoming faster at exploiting vulnerabilities.
Ransomware
The number of ransomware incidents in healthcare globally increased significantly in 2023. However, this trend has not been recognized in the Netherlands and Europe. Due to new phishing techniques used by criminals and attackers becoming faster at exploiting vulnerabilities, Z-CERT expects the threat to the healthcare sector in the Netherlands to rise.
Not only large organizations fall victim to ransomware attacks, but also small organizations with 50-200 employees are often targeted. For 2024, Z-CERT predicts many ransomware attempts and several major incidents.
Z-CERT observes that suppliers are more often affected than healthcare institutions. Suppliers and the transition to the cloud therefore bring new risks. The growing digital dependency justifies a greater focus on suppliers. In 2023, 9 percent of respondents reported ransomware incidents involving suppliers.
Data Breaches and DDoS Attacks
Data breaches can also have a significant impact on healthcare. These breaches can result from hacking attempts, credential phishing attempts, lack of multifactor authentication, malware, misconfigurations, and careless handling of equipment.
Moreover, Z-CERT notes a greater threat of DDoS attacks from politically motivated hacktivists. In 2023, fifteen Dutch hospitals were affected by DDoS attacks, mainly due to geopolitical issues such as the war in Ukraine. Hacktivists actively target Dutch hosting parties, which has consequences for the healthcare sector.
Cyber Espionage and CEO Fraud
In 2024, cyber espionage by state actors remains a threat to healthcare institutions conducting relevant scientific research or holding personally identifiable information interesting to state actors. Over the past year, state actors have succeeded in gaining access to organizations through the supply chain.
A much more common phenomenon is digital financial fraud, such as CEO fraud, fraudulent invoices, and fraudulent webshop orders. We expect criminals to make many attempts to commit financial fraud in 2024.
Developments in AI
Efforts to commit financial fraud can be enhanced through the use of generative AI, particularly known through 'large language models' (such as ChatGPT). The use of AI in cyberattacks is expected to increase. AI deployment may also lead to harder-to-detect phishing attacks or the use of advanced fake audio and video in the near future.
On various fronts, the number of attacks is increasing, while new techniques are emerging, posing challenges. It is essential to maintain good cyber hygiene and improve measures to stay ahead of threats.