World Patient Safety Day 2025: Protecting patients from AI-driven cyberattacks

Check Point Software Technologies Ltd. (NASDAQ: CHKP), a pioneer and global leader of cyber security solutions, Check Point’s data-rich report highlights regional trends and real-world examples for the World Patient Safety Day 2025 this week.

RELATED: International Identity Day 2025: Identity is not a privilege – it’s a right

“On World Patient Safety Day 2025, the focus must extend beyond clinical errors to the hidden risks of cyberattacks on healthcare,” says Kingsley Oseghale, Country Manager West Africa, Check Point Software Technologies. 

According to Check Point Research, Africa has recorded an average of 3,575 weekly attacks per healthcare organisation in 2025 – an increase of 38% YoY. This was largely driven by accelerated rollouts of e-health systems and mobile patient services outpacing security training and infrastructure.

According to Oseghale, Nigeria’s emerging private healthcare sector is under threat.  

“As a country, which is in desperate need of adequate healthcare services to cater to our growing population, we need to ensure our healthcare systems are adequately protected,” he says.

ADVERTISEMENT

“Attacks are no longer about stolen data alone — they cause delayed surgeries, forced emergency diversions, and altered treatment plans, directly endangering patients,” he adds.

According to Health-ISAC  92% of healthcare organisations experienced at least one cyber incident, exposing more than 276 million patient records worldwide.

Hospitals As Prime Targets of Attacks

Healthcare is now one of the top three most attacked industries globally. From the beginning of 2025 until the end of August, healthcare organisations worldwide experienced an average of 2,465 cyberattacks per week — a 17% increase year-on-year and significantly higher than the global average of 1,963 weekly attacks across all sectors, according to Check Point Research. 

Latin America recorded the highest regional volume, with 4,539 weekly attacks per organisation (+63% YoY). This surge reflects the region’s rapid digitalisation of health services without matching investment in cybersecurity controls, leaving large numbers of public and private clinics vulnerable. 

At the country level, the Netherlands emerged as the most targeted in the healthcare sector with 3,216 attacks per organisation (+31% YoY), reflecting its dense concentration of advanced hospitals and cross-border research projects. The United States recorded the sharpest YoY increase at 40%, underscoring how lucrative its healthcare data remains for extortion-focused groups. Sweden (2,618 +3%), Belgium (2,527 -4%), and Israel (2,206 flat) continue to face steady threats, while Canada (+25%) and Germany (+4%) are seeing renewed attacks on regional hospital networks. In contrast, the UK (-18%) and France (-21%) recorded declines due to increased investment in proactive cyber controls and coordinated public-sector initiatives.

ADVERTISEMENT

“This surge stems from rapid digitisation, mixed legacy systems, and a shortage of cyber security staff, creating a perfect storm for attackers seeking high-value patient data and disruption leverage,” Oseghale.

AI: The Double-Edged Sword in Healthcare

Artificial intelligence is transforming healthcare through predictive diagnostics, clinical decision support, and patient engagement apps but healthcare has always been a prime target for cybercriminals because of its vast stores of sensitive data, complex IT environments with legacy systems, and steep regulatory penalties that make ransom demands lucrative. 

Artificial Intelligence is now amplifying this dynamic on both sides. Attackers are using AI tools to write malware without deep coding expertise, craft polished phishing emails, and create realistic deepfakes of healthcare leaders — making scams harder to detect and attacks faster and more scalable. 

Generative AI can also poison training data for clinical algorithms, produce deepfake authorisations, or craft personalised lures from stolen patient data — amplifying the scale and precision of attacks. It has now become a situation of “AI against AI,” with attackers using AI to infiltrate systems and defenders trying to keep pace.

At the same time, AI has become an indispensable defensive tool. AI-powered systems can analyse network traffic and user behaviour in real time, automatically block ransomware and phishing attempts, strengthen encryption and access controls, prioritise vulnerability patches, and even predict weaknesses before exploitation. In the event of a breach, AI-powered response platforms can triage and contain threats quickly, reducing the average cost of a healthcare data breach to $7.4 million from $9.7 million last year according to IBM. By adopting a “converged cyber-AI” approach that integrates AI across the security stack, hospitals can proactively counter the dynamic and complex threat landscape while safeguarding patient data and maintaining operational integrity.

Check Point Research recently blocked 7,000+ phishing emails impersonating Zocdoc and other providers across 300 organisations. 

From Data Breach to Bedside Harm

Connected medical devices (IoMT) — infusion pumps, wireless heart monitors, smart inhalers — are revolutionising care but are rarely secured to the same standard as hospital networks. The 2017 WannaCry ransomware outbreak infected 1,200 diagnostic devices across the NHS, forcing five emergency departments to close and cancelling 19,000 appointments. This means cybercrime can now harm patients directly, not just their records.

Medical identity theft victims spend on average 210 hours and $2,500 reclaiming their identities according to Health-ISAC. Stolen health data is repackaged into “identity kits” for fraud, fake prescriptions, or extortion, undermining patient trust and overloading staff with remediation. Hospitals risk regulatory fines, reputational damage, and operational disruption when data breaches cascade into direct patient harm.

Cyber security for Patient Safety

Patient safety now depends on cyber security as much as clinical quality. Five key steps stand out:

1. Continuous Staff Education – Regular phishing and social-engineering training.

2. Full Asset Visibility – Map all cloud, IoT, and legacy tech to identify blind spots.

3. Zero Trust & Network Segmentation – Limit lateral movement and assume compromise.

4. Prevention-First, AI-Powered Security – Move beyond detection to blocking attacks before they execute.

5. Platform Consolidation – An integrated security architecture (such as Check Point Infinity) covers users, devices, and data end-to-end.

Combined with new healthcare cybersecurity safety guidelines for IoMT manufacturers and sector-wide intelligence sharing, these steps reduce risk and lighten the load on already stretched CISOs.

“Cyber security in healthcare is no longer just about protecting data — it’s about protecting lives. As connected devices, AI-driven apps, and vast patient datasets converge, the attack surface for harm grows exponentially. By embedding prevention-first, AI-powered security into every layer — from device design to app governance to data protection — we can ensure that innovation in healthcare translates into safer, more resilient care for every patient,” Oseghale concludes.”