Ensuring Service Availability in Healthcare with Smarter DDoS Defense

DDoS attacks are no longer just an IT problem. They have become a board-level concern, especially in the healthcare industry, where service availability can mean the difference between life and death. 

In a recent webinar, security experts Daniel Lakier, Field CISO at Myriad 360, and Kevin Werner, System Director of Security Operations at Mainline Health, joined Corero Network Security’s Mike Honeycutt to discuss healthcare’s evolving DDoS threat landscape. They shared real-world insights into the rising attacks on hospitals and medical networks, the impact on patient care, and strategies to mitigate risk. 

Why Healthcare is a Prime Target for DDoS Attacks 

Historically, healthcare organizations were not primary targets for cyberattacks. There was an unwritten rule among attackers that hospitals should be left alone. That has changed dramatically in recent years. 

A Shift in Attack Patterns 

• Surge in Attacks: Since 2020, there has been a sharp rise in targeted DDoS attacks against hospitals and medical institutions. Attackers have evolved beyond volumetric attacks to more sophisticated, targeted methods. 

• Impact of Cloud Migration: As hospitals move critical systems—Electronic Medical Records (EMR), imaging, and scheduling—to cloud-based applications, their reliance on internet connectivity has grown. If their network goes down, they lose access to life-saving data. 

• Ransom-DDoS (RDoS) Threats: Attackers increasingly use DDoS attacks as an extortion tool, demanding ransoms to halt service disruptions. 

• Geopolitical Influence: The surge in attacks coincides with global events, such as the Russia-Ukraine conflict, demonstrating how cyber warfare extends beyond traditional military targets. 

Real-World Consequences of DDoS Attacks on Healthcare 

Healthcare’s growing dependence on cloud applications makes downtime devastating. When a DDoS attack occurs: 

• Doctors and nurses lose access to EMRs, forcing them to rely on outdated paper processes. 

• IoT medical devices become disconnected, impacting critical patient monitoring. 

• Hospitals must divert patients to other facilities, delaying emergency treatment. 

• Reputation damage and financial loss from prolonged downtime can be incalculable. 

“The long-term reputational damage from an attack—having to divert patients and losing operational trust—is enormous,” Kevin Werner noted. “It’s not just about money; it’s about patient safety.” 

The Need for Layered Protection 

Traditional DDoS Protection is Not Enough 

Many hospitals have basic, cloud-based volumetric DDoS protection in place, but today’s attackers have adapted. They now use: 

• Application-layer (Layer 7) attacks to disrupt web-based medical portals. 

• Encrypted attacks that evade standard detection tools. 

• Pulse attacks, where short, intermittent bursts of traffic trick defenses into failing over to more expensive mitigation services. 

“Attackers know hospitals rely on cloud-based applications,” Daniel Lakier explained. “If they take down your internet access, they take down your ability to save lives.” 

Building Resilience: A Multi-Layered Approach 

Hospitals need a hybrid DDoS defense strategy that includes:  

• On-Premises Protection: For better visibility and to mitigate sophisticated and encrypted attacks in real time. 

• On-Demand Cloud Protection: To handle large-scale, volumetric attacks. 

• AI-Driven Monitoring: To proactively detect and respond to emerging threats. 

• Redundancy & Resilience Testing: Regularly simulate network failures to validate high availability and ensure team readiness. 

“Having visibility into incoming traffic has been game-changing,” Werner emphasized. “It allows us to catch abnormal traffic patterns before they become full-blown attacks.” 

Why Corero? Healthcare-Ready DDoS Protection 

Corero Network Security’s real-time, adaptive DDoS protection aligns with healthcare’s unique security needs. Through integrations with leading technology partners like Myriad 360, Corero delivers: 

• Real-time mitigation in the data path 

• • Blocks threats instantly—no rerouting, no delays. 

• Adaptive protection 

• • Fits into your existing network architecture and evolves with your environment. 

• Cost-effective defense 

• • Minimizes OpEx while maximizing protection and efficiency. 

• Always-on managed services 

• • Ensures service availability, so healthcare teams can stay focused on patients—not DDoS events. 

“As attackers become more sophisticated, having an adaptive and real-time DDoS defense system is no longer optional—it’s essential,” Lake stated. 

The Future of DDoS Protection in Healthcare 

As ransomware-DDoS hybrids become more common, and attackers develop AI-driven attack methods, hospitals must stay ahead with AI-assisted defense solutions. Regulatory bodies may soon require stricter cyber resilience measures, making proactive security investments critical. 

“DDoS isn’t just about keeping networks up. In healthcare, service availability is patient safety.” – Daniel Lakier 

Watch the Full Webinar 

The insights shared in this webinar are invaluable for healthcare security professionals. Watch the full recording to learn how to protect your hospital from DDoS attacks and ensure continuous patient care.