Healthcare systems across the globe are facing unprecedented levels of cyberattacks, with Africa recording some of the steepest increases in 2025.
According to a new report released by Check Point Software Technologies Ltd. (NASDAQ: CHKP) to mark World Patient Safety Day 2025.
The report warns that hospitals and clinics are no longer just data targets — attacks are now directly disrupting surgeries, emergency care, and treatment plans, placing patient lives at risk.
“On World Patient Safety Day 2025, the focus must extend beyond clinical errors to the hidden risks of cyberattacks on healthcare,” said Kingsley Oseghale, Country Manager West Africa, Check Point Software Technologies. “Africa’s fragile healthcare sector is clearly under threat, and as a continent in urgent need of robust medical services, we must ensure our systems are adequately protected.”
Africa Among Hardest Hit
According to Check Point Research, healthcare organisations in Africa are weathering an average of 3,575 cyberattacks per week in 2025, a 38% year-on-year increase. The surge is linked to accelerated rollouts of e-health platforms and mobile patient services, which have often outpaced investment in cybersecurity infrastructure and training.
Globally, healthcare ranks among the top three most attacked industries. From January to August 2025, providers faced 2,465 weekly attacks per organisation, up 17% YoY and well above the global cross-sector average of 1,963.
Latin America leads in volume with 4,539 weekly attacks per organisation (+63% YoY), while the Netherlands emerged as the most targeted country, averaging 3,216 attacks (+31% YoY). The U.S. saw the sharpest rise at 40%, underscoring the profitability of healthcare data for ransomware groups.
In contrast, the UK and France recorded declines of 18% and 21% respectively, reflecting stronger public-sector cybersecurity investments.
AI as Both Weapon and Shield
Artificial intelligence is accelerating the cyber risk. Attackers are now using generative AI to craft malware, phishing campaigns, and deepfakes of healthcare executives, making scams harder to detect. AI can also manipulate clinical algorithms or forge fraudulent authorisations, amplifying threats.
Yet AI is also proving vital for defence. Hospitals deploying AI-powered cybersecurity platforms can monitor networks in real time, block phishing and ransomware automatically, and even predict system weaknesses before attackers exploit them. IBM data cited in the report shows AI-driven defences helped cut the average cost of a healthcare breach to $7.4 million, down from $9.7 million last year.
“This surge stems from rapid digitisation, mixed legacy systems, and a shortage of cyber security staff, creating a perfect storm for attackers,” Oseghale noted. “It has now become a battle of AI against AI, with defenders racing to keep pace.”
From Data Breaches to Direct Patient Harm
Connected medical devices such as infusion pumps, wireless heart monitors, and smart inhalers are widening the attack surface. The report recalls the 2017 WannaCry ransomware outbreak, which infected 1,200 NHS diagnostic devices, shuttered five emergency departments, and forced the cancellation of 19,000 appointments.
Stolen health records remain highly lucrative, feeding fraud and extortion schemes. Victims of medical identity theft spend an average of 210 hours and $2,500 reclaiming their identities, according to Health-ISAC.
Safeguarding Patient Safety Through Cybersecurity
Check Point emphasises that patient safety now depends on cybersecurity as much as clinical care. It recommends a prevention-first approach built on five pillars:
-
Continuous staff training to counter phishing and social engineering.
-
Full asset visibility, including IoT and legacy systems.
-
Zero-trust frameworks and strict network segmentation.
-
AI-powered, prevention-first security that blocks threats before execution.
-
Platform consolidation to reduce complexity and strengthen resilience.
Check Point’s own Infinity platform is positioned as an integrated model to secure users, devices, and data across healthcare ecosystems.
“Cybersecurity in healthcare is no longer just about protecting data — it’s about protecting lives,” Oseghale said. “By embedding AI-powered prevention into every layer, from device design to data governance, we can ensure innovation translates into safer, more resilient care for patients.”
