ORLANDO, Fla., Jan. 26, 2026 (GLOBE NEWSWIRE) -- Health-ISAC today released its 2026 Global Health Sector Threat Landscape Report, providing a detailed analysis of the cyber and physical threats affecting health organizations worldwide. The report underscores a continued surge in ransomware activity, growing exploitation of third-party suppliers, and the emergence of sophisticated social engineering tactics designed to bypass traditional security controls – threatening operational continuity and patient care.
The report identifies ransomware as the most persistent and damaging threat to the health sector in 2025. Health-ISAC tracked 455 ransomware incidents globally targeting health organizations, underscoring the ongoing business and clinical impact of profit-driven cybercriminals. Ransomware groups, including Qilin, INC Ransom, and SAFEPAY, were among the most active in targeting health entities.
“The Health sector has become one of the most targeted sectors in the world, not because it’s the easiest, but because the consequences of disruption are so severe,” said Errol Weiss, Chief Security Officer (CSO) at Health-ISAC. “This report is a clear warning: cyber threats are no longer isolated events. They represent life-saving business continuity crises that can impact patient care, staff safety, and public trust.”
Beyond ransomware, the report emphasizes the growing role of supply chain and third-party compromise, as adversaries increasingly target vendors to gain access at scale. The findings reinforce a critical reality: even organizations with strong internal security may remain vulnerable through a partner, platform, managed service provider, or widely used software solution.
The report also highlights the latest tactics in deception-based attacks, including QR code phishing (“quishing”) and new social engineering techniques such as ClickFix and FileFix, which exploit human behavior to deliver malware and reduce the effectiveness of traditional security awareness strategies.
In addition, Health-ISAC included findings from a member survey of nearly 250 health executives and cybersecurity professionals, who ranked ransomware, phishing, third-party compromise, and exploitation of newly discovered software flaws among the top risks facing the sector. Respondents also cited growing concern around AI-enabled tactics heading into 2026.
To read the full report, click here.
About Health-ISAC
Health-ISAC (Health Information Sharing and Analysis Center) is a non-profit, member-driven organization dedicated to protecting the global health sector from cyber and physical threats. Through real-time alerts, collaboration, and usable intelligence, Health-ISAC helps healthcare organizations improve security and resilience.
Media Inquiries: Mary Stratton, AVP of Marketing, contact@health-isac.org +1 321-593-1470
