惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Application and Cybersecurity Blog
Application and Cybersecurity Blog
T
Threat Research - Cisco Blogs
Latest news
Latest news
Project Zero
Project Zero
TaoSecurity Blog
TaoSecurity Blog
Cyberwarzone
Cyberwarzone
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Google DeepMind News
Google DeepMind News
P
Privacy & Cybersecurity Law Blog
T
Troy Hunt's Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
AWS News Blog
AWS News Blog
Hacker News: Ask HN
Hacker News: Ask HN
S
Security @ Cisco Blogs
C
Cisco Blogs
Help Net Security
Help Net Security
I
Intezer
W
WeLiveSecurity
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
腾讯CDC
S
Secure Thoughts
MyScale Blog
MyScale Blog
Recorded Future
Recorded Future
G
GRAHAM CLULEY
L
LINUX DO - 热门话题
A
About on SuperTechFans
C
CXSECURITY Database RSS Feed - CXSecurity.com
IT之家
IT之家
J
Java Code Geeks
The Hacker News
The Hacker News
阮一峰的网络日志
阮一峰的网络日志
Scott Helme
Scott Helme
Recent Announcements
Recent Announcements
AI
AI
Cisco Talos Blog
Cisco Talos Blog
B
Blog RSS Feed
V
Vulnerabilities – Threatpost
C
Check Point Blog
Security Latest
Security Latest
S
SegmentFault 最新的问题
T
The Exploit Database - CXSecurity.com
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
M
MIT News - Artificial intelligence
T
The Blog of Author Tim Ferriss
Attack and Defense Labs
Attack and Defense Labs
PCI Perspectives
PCI Perspectives
Recent Commits to openclaw:main
Recent Commits to openclaw:main
T
Tailwind CSS Blog
Apple Machine Learning Research
Apple Machine Learning Research

Enterprise – Silicon Republic

Transport for London hackers jailed for five and a half years Commission refers Ireland to CJEU for failing to enact cyber rules Cloudflare to block AI crawlers from ad-supported webpages by default Google ordered to pay Klarna nearly $2bn in abuse-of-power row Upcoming iPhone 18 model leaked in Tata Electronics hack Data breaches going unreported – Irish compliance survey Cybersecurity warning for Irish businesses ahead of EU Presidency Dublin's TensorX to partner with Solstice on sovereign European AI Irish Internet Hotline named Trusted Flagger under EU Digital Services Act Don't panic, prepare: A cyber expert's advice on the Mythos hype Day-to-day cyber incidents driving loss for SMEs, finds report Anthropic to reassess Claude Fable 5 AI development restrictions after backlash Anthropic rolls out ‘Mythos-like’ AI model Claude Fable 5 EMEA firms underestimating 'routine risks', finds cyber report More than 20,000 Instagram accounts hacked using Meta AI bug Report: Irish firms cut cybersecurity spend despite rising risks TCS launches sovereign cloud offering in Europe ECB urging action on AI from lenders’ IT departments Hackers access GitHub, download codebase in Grafana Labs breach Europe's public sector deploying AI faster than it can manage – report UK watchdog probes Microsoft over interoperability issues Foxconn confirms cyberattack on North American facilities Clear gap between AI expectations and preparedness, finds report Canvas parent settles with hacker group that stole user data ShinyHunters demands ransom after Canvas hack EU agrees to simpler AI rules and complete ‘nudification’ ban What’s the difference between IT and OT security? Opinion: Why ISO 27001 alone won't save your data from itself AI race intensifies with Google's new agent management platform Anthropic probing reported Mythos leak on Discord Nearly 75pc of AI’s economic value captured by just 20pc of companies Anthropic’s Mythos to bolster cybersecurity at UK banks The death of ETL: Is zero-copy a ‘liberation’ for data teams? After Anthropic, OpenAI launches cyber-specific AI model The Interview: Dentons' Carlo Salizzo on three forces defining digital law Anthropic's Mythos a game-changer, NCSC chief tells Oireachtas Mythos just first of power models to come: Anthropic co-founder New XP95 hacker group targets Dublin recruitment platform Healthdaq OpenAI apps for MacOS exposed by threat Mythos testing begins as governments raise cyber concerns Anthropic's Glasswing project employs Mythos to prevent AI cyberattacks Is your data integrity framework just a fancy spreadsheet? Ireland begins digital wallet testing and consultation How is Australia working to make data centres more sustainable? China's DeepSeek suffers rare outage lasting several hours ShinyHunters claims responsibility for European Commission breach Security first: Why cybersecurity needs to adapt in the age of AI iOS hacking tool 'DarkSword' leaked on GitHub China’s Alibaba could launch Qwen for enterprise this week Stryker's Cork site hit by global cyberattack Office.eu and the hope for a digitally sovereign Europe How fully homomorphic encryption is reshaping secure AI Major phishing operation disrupted in joint Europol action Hacking tool with possible US origins targets outdated iPhones Pure Storage, now Everpure, to acquire 1touch Hacker used commercial AI to breach 600 firewalls: AWS Why cloud strategies are pivoting from reaction to precision ‘Complexity is where cyber risk tends to grow’ ‘In cyber, bridging the gap between the server room and boardroom is crucial’ AWS expanding in Belgium, Netherlands and Portugal, amid sovereign cloud launch
Report: Medical device cyberattacks on the rise
Colin Ryan · 2026-04-29 · via Enterprise – Silicon Republic

A key driver for the rise in medical device cyberattacks, according to RunSafe, is the prominence of legacy tech in healthcare environments.

Cyberattacks on medical devices are becoming more frequent and more disruptive, according to a report released by US cybersecurity company RunSafe Security today (29 April).

The 2026 Medical Device Cybersecurity Index, based on a March 2026 survey of 551 healthcare professionals throughout the US, UK and Germany involved in device purchasing decisions, found that 24pc of surveyed healthcare organisations experienced a cyberattack on a medical device – a rise of 2pc compared to last year.

Of those that experienced an attack, 80pc reported moderate or significant patient care impact as a result, with a quarter of the cohort reporting significant impact.

According to the report, the most commonly affected systems included electronic health record systems (cited by 35pc of affected organisations), patient monitoring devices (23pc), laboratory and diagnostic equipment (18pc), networked surgical equipment (10pc) and imaging systems (8pc).

The most dominant cyberattack methods seen in these incidents were malware infections requiring device quarantine – which were responsible for nearly half of the incidents (48pc) – and network intrusion requiring device isolation (41pc), with both of these incident types maintaining their dominant popularity from 2025.

However, one incident type that RunSafe noted as emerging particularly in 2026 was remote access exploitation, which was seen in 38pc of incidents. RunSafe stated this signalled that attackers are “adapting to the growing remote access footprint of connected devices”.

“Organisations that have not implemented network segmentation, access controls and runtime protections are exposed,” said the company.

For those organisations that experienced a cyberattack on a medical device, recovery was not so simple.

Nearly half (49pc) of reported incidents caused “extended stays or required manual workarounds”, according to the report, with the most common recovery scenario – experienced by 39pc of impacted organisations – involving five to 12 hours of downtime. Meanwhile, 5pc of affected organisations experienced downtime of more than three days.

Legacy issues

A key driver of the growing medical device cyberthreat, according to RunSafe, is the prominence of legacy devices that cannot be patched or easily replaced.

The report found that three in 10 responding organisations operate medical devices that are past the manufacturer’s end-of-support date. A significant proportion of those devices carry known, unpatched vulnerabilities, according to RunSafe.

The reported reasons as to why these healthcare organisations continue to operate at-risk legacy devices spanned clinical, financial and structural constraints.

38pc of respondents said there was no “acceptable” replacement available yet for the legacy device in question, while 36pc said they cannot afford a replacement.

34pc cited regulatory or approval constraints as a barrier, 33pc said replacing the device or system would cause too much disruption and interestingly, 17pc stated that the risk presented by this legacy tech has been formally accepted by leadership.

“The inability to patch, combined with continued clinical reliance on vulnerable devices, creates a structural security gap that cannot be closed solely through procurement alone,” said RunSafe in an analysis of the topic of legacy devices.

“This gap is almost certainly a key driver behind the rise in runtime protection adoption seen in 2026. Runtime protection technologies – which defend devices without requiring a patch – act as a compensating control for a problem that buying new devices cannot solve.”

As recognised by the report, runtime protection technologies are emerging as a critical “compensating control”, with 82pc of respondents stating that they have widely deployed or are piloting runtime exploit protection.

A vulnerable sector

The rise of medical device cyberattacks highlighted by this report comes as the healthcare industry continues to experience breaches and attacks ranging in severity, as noted by RunSafe founder and CEO Joseph M Saunders.

“The findings land against a backdrop of large-scale healthcare cyber incidents that have disrupted care delivery and revenue flows, underscoring how quickly attacks on device-adjacent systems can translate into patient harm,” he said.

“Medical device cybersecurity is increasing in importance to healthcare buyers as they see it as a patient safety and regulatory imperative.”

Last month, medical equipment manufacturing giant Stryker was hit by a cyberattack that caused a global network disruption. Reports at the time suggested that the company’s Cork plant, which employs more than 4,000, was affected by the attack – which pro-Iranian cyber group Handala claimed responsibility for.

Meanwhile, just a few weeks ago, Dublin recruitment platform Healthdaq – which is used by Northern Ireland’s health trusts – reportedly suffered a cyberattack from the relatively new hacker group XP95, which claimed to have accessed hundreds of thousands of files.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.