Rebuilding trust in healthcare technology


Healthcare systems are now amongst the most aggressively targeted areas by cyber criminals, with the number of attacks levelled against the sector rising by 21% in 2025 alone. With many institutions still running on outdated, vulnerable infrastructure, it only takes a single point of weakness for hackers to quickly expose patient data, or disrupt medical equipment.

Such attacks can result in life-threatening consequences. Any modern device used to sustain patient life likely contains a variety of sensors and monitoring technologies, any of which can be exploited by attackers to gain access to an institution’s network if adequate protection is not in place. Additionally, the capabilities of these sensors can be weaponised to cause significant physical harm to patients, making the security of devices and equipment critical.

A growing threat landscape

Even those who have moved to the Cloud aren’t automatically safer: poor configuration and widespread phishing attempts continue to create windows of opportunity for attackers.

With medical records carrying high value, healthcare organisations must prioritise strong encryption, robust authentication, and the latest computing standards. When a password is compromised or a security layer fails, rapid response measures are pivotal to contain the damage. Above all, patients and staff need confidence that the systems they depend on remain secure and trustworthy.

Recent incidents demonstrate how quickly attacks can escalate from data loss to delayed treatments, system shutdowns, and millions in damage. In November 2024, the Wirral University Teaching Hospital in the United Kingdom experienced a major cyberattack against its main clinical system. Patient records and sensitive data remained protected during the attack, yet all outpatient appointments had to be cancelled, including those in the cancer care unit.

Patient wait times were extended to an average of 174 days from the 90 days experienced before the attack, while the financial damage to the hospital’s Trust was estimated around £3.7 million.

Setting the standard for device security

Thankfully, standards bodies like the Trusted Computing Group (TCG) play a central role in enhancing the security of devices found within the healthcare sector. Technologies, guidance, and standards devised by these organisations can be used as the foundation for secure computing environments, especially in high-risk sectors like healthcare.

Simply put, they are the building blocks that enable components within a computer network to verify and trust all other network elements.

Hardware Roots-of-Trust (RoTs) can help deliver this integrity. Foundational technologies such as the Trusted Platform Module (TPM) validate that data originates from authorised sources and has not been tampered with. TPMs support identity, attestation, and anomaly detection, helping organisations quickly identify and contain suspicious device behaviour so that malicious activity can be isolated before it spreads.

For smaller devices, including the sensors embedded in medical equipment, the Device Identifier Composition Engine (DICE) specification provides an additional layer of protection. Each firmware layer receives a unique cryptographic identity, preventing attackers from using a compromised layer to access deeper parts of the device.

If tampering is detected, devices can be re-keyed, giving healthcare organisations a practical way to maintain trust throughout the entire firmware lifecycle.
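As an added illustration of the layered identity described above (example code, not from the article or from TCG), the block below derives a DICE-style per-layer identity for a constructed three-layer device and shows that tampering with one layer changes that layer's identity and every deeper one, while leaving earlier layers untouched. HMAC-SHA256 stands in for the one-way derivation a DICE profile specifies, and the firmware images and Unique Device Secret are constructed samples.

```python
import hashlib
import hmac
from typing import List, Optional

# Constructed sample firmware images for a three-layer device (not real firmware).
GENUINE_LAYERS = [b"bootloader-v1", b"sensor-runtime-v1", b"telemetry-app-v1"]
# Hypothetical Unique Device Secret, provisioned in hardware at manufacture.
UDS = b"\x11" * 32


def measure(firmware: bytes) -> bytes:
    """Measurement of a firmware layer: its SHA-256 digest."""
    return hashlib.sha256(firmware).digest()


def derive_cdi(parent_cdi: bytes, firmware: bytes) -> bytes:
    """DICE-style one-way step: CDI_{n+1} = HMAC(CDI_n, H(firmware_{n+1})).

    HMAC is used here as the one-way function (an assumption; a real device
    uses the KDF of its DICE profile). A child CDI does not reveal its parent,
    so a compromised deeper layer cannot recover earlier secrets.
    """
    return hmac.new(parent_cdi, measure(firmware), hashlib.sha256).digest()


def dice_chain(uds: bytes, layers: List[bytes]) -> List[bytes]:
    """Return the per-layer identities (CDIs) produced during one boot."""
    cdis, cdi = [], uds
    for firmware in layers:
        cdi = derive_cdi(cdi, firmware)
        cdis.append(cdi)
    return cdis


def first_divergent_layer(expected: List[bytes], observed: List[bytes]) -> Optional[int]:
    """Index of the first layer whose identity differs, or None if all match."""
    for i, (e, o) in enumerate(zip(expected, observed)):
        if not hmac.compare_digest(e, o):
            return i
    return None


def demo() -> Optional[int]:
    """Tamper with layer 1 and report where the identity chain diverges."""
    genuine = dice_chain(UDS, GENUINE_LAYERS)
    tampered_layers = list(GENUINE_LAYERS)
    tampered_layers[1] = b"sensor-runtime-v1-backdoored"  # constructed tampering
    return first_divergent_layer(genuine, dice_chain(UDS, tampered_layers))
```

Because the layer-0 identity is unchanged while layers 1 and 2 differ, a verifier can locate the first tampered layer and re-key from that point on.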

Protecting supply chains

However, securing a hospital no longer stops at its own walls: with sprawling supply chains and the rise of telehealth, institutions must also be able to trust the devices patients own, and the equipment provided by third-party vendors.

For example, as new technologies are procured by hospitals, security checks may rely on manual processes such as label verification or serial-number inspection – approaches that are slow, inconsistent, and prone to human error. At the same time, a growing number of patients depend on their personal devices to access care, as clinicians increasingly support them remotely.

Because healthcare institutions cannot control the security of every supplier or patient device, they must rely on standards bodies to strengthen these chains.

One way to achieve this is through Platform Requirements for Certificates and RIMs (PRCR), which assesses the health of devices across the supply chain. PRCR provides a baseline integrity measurement during manufacturing, enabling organisations to compare results throughout a device’s lifecycle and detect tampering. It also confirms that the device received by the end user matches the original order.

By comparing these results against the Reference Integrity Measurement (RIM), manufacturers and healthcare providers can identify compromised hardware at any stage, ensuring that devices used to access sensitive medical data remain trustworthy.
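The lifecycle comparison described in the two paragraphs above, as an added example that is not the article's or TCG's own code: a constructed RIM records the manufacturing-time measurements of each component, and a receiving check compares a delivered device against both that RIM and the original order. The component images, model, and serial numbers are constructed samples, and the RIM is an unsigned dictionary for brevity (a real RIM is signed by the manufacturer).

```python
import hashlib
from typing import Dict, List

# Constructed factory images for one device model (not real firmware).
FACTORY_COMPONENTS = {"uefi": b"uefi-fw-2.1", "bmc": b"bmc-fw-1.4", "nic": b"nic-rom-3.0"}


def measure_components(components: Dict[str, bytes]) -> Dict[str, str]:
    """SHA-256 hex digest of every component image, keyed by component name."""
    return {name: hashlib.sha256(img).hexdigest() for name, img in components.items()}


def make_rim(model: str, components: Dict[str, bytes]) -> Dict:
    """Baseline integrity measurements taken at manufacturing (the RIM)."""
    return {"model": model, "measurements": measure_components(components)}


def receiving_check(rim: Dict, order: Dict, device: Dict) -> List[str]:
    """Compare a delivered device to the RIM and the purchase order.

    Returns a list of findings; an empty list means the device matches both.
    """
    findings = []
    if device["model"] != order["model"]:
        findings.append(f"model mismatch: ordered {order['model']}, got {device['model']}")
    if device["serial"] not in order["serials"]:
        findings.append(f"serial {device['serial']} not on the original order")
    measured = measure_components(device["components"])
    for name, expected in rim["measurements"].items():
        observed = measured.get(name)
        if observed is None:
            findings.append(f"{name}: component missing")
        elif observed != expected:
            findings.append(f"{name}: measurement differs from RIM")
    for name in sorted(measured.keys() - rim["measurements"].keys()):
        findings.append(f"{name}: component not present in RIM")
    return findings


# Constructed order and RIM for the sample model.
ORDER = {"model": "infusion-gateway-x", "serials": {"SN-0001", "SN-0002"}}
RIM = make_rim("infusion-gateway-x", FACTORY_COMPONENTS)


def check_genuine() -> List[str]:
    return receiving_check(RIM, ORDER, {"model": "infusion-gateway-x", "serial": "SN-0001",
                                        "components": dict(FACTORY_COMPONENTS)})


def check_tampered() -> List[str]:
    altered = dict(FACTORY_COMPONENTS, bmc=b"bmc-fw-1.4-modified", dbg=b"debug-rom")
    return receiving_check(RIM, ORDER, {"model": "infusion-gateway-x", "serial": "SN-0009",
                                        "components": altered})
```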

Looking ahead

One area of focus for the healthcare sector going forward is the threat of quantum attacks. The recent State of PQC Readiness Report found that institutions are not yet ready for the post-quantum era and will likely face significant migration challenges when it comes to Post Quantum Cryptographic (PQC) algorithms.

91% of organisations – especially those in sectors like healthcare which may not have dedicated security teams – do not have a formal PQC roadmap in place. This includes a lack of structured planning, inventorying of cryptographic assets, or timelines for migration.

The survey found that the current crypto libraries and hardware security modules (HSMs) used across industries are unprepared for PQC, which directly affects healthcare environments that rely heavily on legacy systems and long lifecycle devices.

Even if a security professional within a healthcare institution is aware of the threat, PQC migration is a multi-year, multi-layer transformation, which will require changes to firmware, devices, certificates, supply chain processes, and Cloud infrastructure.

Healthcare, with its mix of legacy equipment and modern digital systems, faces some of the steepest challenges. This is especially true for ‘harvest now, decrypt later’ attacks, where adversaries steal encrypted data – such as patient records – today in order to decrypt it once quantum capabilities mature.

However, institutions can meaningfully improve their post-quantum readiness by adopting the latest standards that align with NIST-approved PQC algorithms.

Standards organisations like TCG don’t replace the work of NIST and the UK’s NCSC, but operationalise it. In fact, the TCG is currently incorporating PQC algorithms into its standards so that businesses relying on them can be better protected from the quantum attacks of the future.

This article originally appeared in the April’26 magazine issue of Electronic Specifier Design – see ES’s Magazine Archives for more featured publications.
