As tensions rise in the Middle East, cyber attacks are increasing. Are your healthcare clients protected?

by | Nov 6, 2023

Healthcare providers of all sizes need another level of protection for their online systems. As tensions rise in the Middle East, cyberattacks are likely to increase on all forms of US infrastructure, including healthcare. These attacks are serious as they are likely sponsored by groups like The Islamic Revolutionary Guard Corps (IRGC) of Iran.

We’ve had two recent warnings of this threat:

  • On October 13, 2023, the US National Security Agency (NSA) warned of increased cyber threats from state-sponsored actors in the Middle East.
  • On October 27, 2023, leading security firm Mandiant released a report stating that it had observed increased activity from Iranian-affiliated hacking groups in recent months.

Many healthcare systems would not even stand up against attacks by lower level criminal groups, let alone state sponsored ones.  So if any of your healthcare clients have not taken up Cyber Liability Insurance, we suggest you again recommend it to them, with a new level of urgency. This is not an idle threat, the Islamic Revolutionary Guard has been very active lately, after initially targeting US healthcare providers in 2016.

Here is the background story:

A startling discovery

In 2016, A cybersecurity investigator at Google subsidiary, Mandiant, made an alarming discovery. The malware that had just been used in a large scale cyber attack on healthcare providers looked somewhat familiar. When he inspected in more closely, he found the same code had been used previously, in attacks against infrastructure projects. But more alarming was the organization behind this malware: The Islamic Revolutionary Guard Corps (IRGC) of Iran.

The investigator’s findings were a major breakthrough in understanding the Iranian government’s involvement in cyber attacks against US healthcare providers. The findings also showed that the IRGC was developing new and sophisticated malware that could be used to more effectively target healthcare organizations.

Taking it to a whole new level

The following year, the IRGC took these attacks to a whole new level, launching a major cyber attack against the US Department of Health and Human Services (HHS). The attack disrupted the HHS website and compromised the personal information of over 22 million people.

This time it was attributed to a group of hackers known as ‘Charming Kitten’, but investigators immediately recognized the prints of the IRGC, making ‘Charming Kitten’ another of Iran’s many state-sponsored hacker groups.

‘Charming Kitten’ used a variety of sophisticated methods to gain access to the HHS website, including phishing attacks and exploiting software vulnerabilities. Once they had access to the website, the hackers compromised the personal information of millions of Americans, including Social Security numbers, dates of birth, and contact information.

Aside from being a major embarrassment for the US government, the HHS website attack represented a new level of sophisticationa significant breach of security and it demonstrated that Iranian hackers are capable of targeting and compromising even the most sensitive US government systems.

In 2020, Iranian hackers again targeted a number of US healthcare providers, including hospitals and clinics. The hackers used ransomware to encrypt the providers’ computer systems, demanding a ransom payment in exchange for the decryption key.

This time, the attacks were attributed to a group of hackers known as ‘NetWalker’ but again, investigators found the level of sophistication too great for it to be just another criminal group. Evidence pointed to Netwalker being another state sponsored IRGC affiliate.

The attacks 2020 attacks caused a significant disruption to US healthcare services. Many providers had to delay or cancel appointments, and some even had to divert patients to other hospitals.

A similar attack was conducted against another hospital in 2022, causing the same kind of disruptions.

“rapidly accelerating” cyberattacks


In May this year, Microsoft announced that Iran had been “rapidly accelerating” cyberattacks since mid-2022. The tech giant attributed 24 cyber operations since June 2022 to Iran’s so-called ‘Cotton Sandstorm’, which the U.S. Treasury had also linked to cyberattacks on the 2020 presidential election.

As geopolitical tensions continue to escalate between the United States and Iran, the IRGC is expected to ramp up attacks on US Infrastructure, including healthcare providers. With this looming threat in mind, we urge commercial agents who are responsible for advising healthcare and senior living providers, to address the need for comprehensive Cyber Liability Insurance as a matter of urgency.

With IRGC sponsored groups, we are not simply dealing with opportunistic criminal gangs. These are state sponsored hackers, with all the resources of the Iranian government behind them, using extremely sophisticated methods to access online systems. Just being vigilant with internet security is not enough.

This is why we work with carriers who go beyond just offering traditional coverage. They include comprehensive security advice and vulnerability testing in their policies. So if any of your healthcare clients have not yet taken up Cyber Liability Insurance, we urge you to recommend it with renewed urgency.

Agents need to double down and ensure their clients have Cyber Liability Insurance as a matter of urgency.


Get a Quote Now

Get a Cyber Liability Insurance quote for your client or contact Westwood and find out how much our Carriers are committed to preventing cyber attacks now. 

    Dale Nelson

    Dale Nelson

    Senior Broker, Westwood Insurance Group

    Dale has worked in the insurance industry since leaving college, specializing in the healthcare niche. He has developed long-term relationships with insurance carriers and retailers in the Medical Professional Liability area. Dale has worked with carriers, retailers and brokers and so works effectively at helping agents solve problems for their clients.

    Articles by Dale Nelson

    Digital Healthcare and the Uncertain Malpractice Landscape

    The digital healthcare revolution has taken the country by storm - an exciting new area, where opportunities abound for commercial agents. This rapid growth, was fueled by a combination of changing lifestyle trends, technological advancements and a shortfall in...

    Could the technology behind Bitcoin help secure medical records?

    Cyber security is a growing problem for healthcare providers, who often struggle to keep the records of their patients secure. Cyber insurance coverage is not generally mandated by law and many healthcare organizations remain uninsured, even though laws and...

    A lesson in Liability Insurance for Chiropractors

    A visit to the chiropractor for a 32-year-old patient in Georgia recently led to a $75 million medical malpractice verdict. The claim related to emergency treatment the patient received after collapsing with a brainstem stroke, resulting from chiropractic manipulation...

    Contact Dale Nelson now

    Dale Nelson of Westwood Insurance Group

    Dale specializes in insurance for home healthcare providers. You can call him on the number below or fill out the form and he will get your message directly:

    traditional insurance products

    Westwood have fostered exceptional relationships with underwriters and we go to great lengths to keep abreast of their latest products, changes in requirements and restrictions, including having weekly calls with the carriers, which you can see here, by joining our insurance insider group.

      Insurance products at Westwood Insurance Group

      You can find more information on the Insurance Products main page.

      If you have any questions on the different policies, check out our Insurance FAQ’s

      alternative structures

      Westwood President, Michael Richards has extensive experience in setting up alternative structures for larger clients. Here are some examples:


      If you think your client could be large and stable enough to benefit from starting or participating in a captive or has a special need for another alternative structure, contact Michael Richards now by phone: 855 351 7487.