Claroty Named a Leader in 2025 Gartner® Magic Quadrant™ for CPS Protection Platforms
Get the Report
 
English Español Français Italiano Português 日本語 한국어 繁體中文
Request a Demo
Claroty Toggle Search

Report

State of CPS Security: Healthcare Exposures 2025

Team82’s analysis of the riskiest connected medical devices exposed to ransomware and attacks leveraging insecure connectivity.

View the Report

Cybersecurity leaders inside hospitals and healthcare delivery organizations must acknowledge the risks posed by an ever-increasing number of so-called Internet of Medical Things devices coming online. As imaging systems, patient devices, health information systems, and more share data and are used in day-to-day diagnoses and treatment, the risk of a compromise threatens the availability and quality of patient care. 

In this report, Team82 quantifies the riskiest and most exposed healthcare devices, by taking into consideration not only the criticality of vulnerabilities in connected devices, but also whether devices contain known exploited vulnerabilities and are securely connected to the internet. We hope our analysis provides a road map for mitigating and remediating the most at-risk medical systems.

As imaging systems, patient devices, health information systems, and more share data and are used in day-to-day diagnoses and treatment, the risk of a compromise threatens the availability and quality of patient care.

Interested in learning about Claroty's Cybersecurity Solutions?

Request a Demo

Key Findings

Known Exploited Vulnerabilities in Healthcare Devices

More than 2.25 million IoMT and 647,000 OT devices inside 351 hospitals and HDOs were analyzed for this report.

Download Report

Quantifying the Riskiest Exposures

Close to 100% of hospitals and HDOs from our analysis are supporting connected devices and systems that contain known and exploited vulnerabilities. Ransomware groups and other threat actors are leveraging these flaws—and insecure connections to the internet, among other exposures—to extort huge ransom demands and threaten to cripple patient care among compromised facilities.

Download report

OT Exposures Threaten Hospitals Too

In healthcare, OT is represented mostly by building automation devices, building management systems, building automation controllers, universal power supplies, temperature sensors, and power distribution units. Building management systems (BMS), for example, are used to monitor and control heating and cooling systems, electrical systems, elevators, lighting, fire safety, water distribution, pneumatic tube systems, and other medication transfer systems.

A compromised BMS could make it impossible to properly store medications, such as insulin, that must remain in temperature-controlled environments. Elevators are essential, not only for guests visiting patients, for transporting patients between floors for treatment, surgeries, or imaging. Any disruption or manipulation of these systems could be devastating to patient care and cause unacceptable delays.

Download Report

In healthcare, OT is represented mostly by building automation devices, building management systems, building automation controllers, universal power supplies, temperature sensors, and power distribution units.

As imaging systems, patient devices, health information systems, and more share data and are used in day-to-day diagnoses and treatment, the risk of a compromise threatens the availability and quality of patient care.
In healthcare, OT is represented mostly by building automation devices, building management systems, building automation controllers, universal power supplies, temperature sensors, and power distribution units.
Claroty
LinkedIn Twitter YouTube Facebook