Latin America. Last year's ransomware attack on Ascension Hospitals, one of the largest health systems in the United States, has entrenched cyberattacks on the healthcare sector.
According to Akamai Technologies, this industry is currently among the most attacked in recent years. In 2025, the healthcare sector in Latin America faces a growing threat of ransomware attacks, with far-reaching consequences.
Research indicates that ransomware attacks are costly, with healthcare institutions losing an average of $900,000 a day from downtime alone. In a recent study, of the 99 health care organizations that admitted to paying a ransom and disclosed the cost, the average payment was $4.4 million.
Jairo Parra, cybersecurity expert at Akamai Technologies, stressed that the health sector in Latin America is one of the most vulnerable to receiving a ransomware attack, which although it goes through a digital transformation that benefits patients, a large number of health institutions lack the resources, training and strategies to prevent and respond to digital threats. "Cyberattacks will target hospitals, clinics and health centers, and will become increasingly attractive targets due to the desperation factor, which significantly influences the likelihood of paying the ransom," he said.
This can undoubtedly be devastating for the population, as there are care centers that are often the only health care option for many miles in the communities they serve. Often these facilities lack dedicated cybersecurity personnel and in fact do not have an information security director or information technology staff. For the most part, healthcare personnel such as doctors, nurses, and administrative staff do not have the necessary knowledge to even identify a phishing threat.
Jairo Parra stressed that patients' confidential medical data is very valuable on the black market, so cybercriminals can steal this information and sell it to third parties, resulting in identity theft, financial fraud and other crimes. In a more serious scenario, cyberattacks can cripple the computer systems of hospitals, clinics, and healthcare facilities, negatively impacting the delivery of healthcare services. Such interruptions can delay diagnoses, treatments, and surgeries, putting people's lives at risk.
Patient data is a key concern, but not for resale value, as many might think. The expert clarified that the real value comes from the price that many healthcare organizations are willing to pay to stay out of the spotlight and avoid controversy in relation to a data breach. According to research from Akamai, the sweet spot for ransomware payments in organizations is highest for organizations with revenues of less than $500 million.
Jairo Parra warned that any application or interface that allows access or manipulation of objects such as database records, files or other resources within an IT environment can be and will be breached by threat actors. This type of vulnerability is called BOLA or Broken Object Level Authorization and is listed as the number one threat to APIs, according to the OWASP (Open Web Application Security Project) Top 10 API Security Risks list. "BOLA is considered a major security threat from API protection because it is very difficult to detect. This vulnerability allows an attacker to manipulate inputs, such as URL parameters or request payloads to access unauthorized data or perform unauthorized actions," explained the Akamai specialist.
Another recommendation made by the expert to healthcare organizations is to work in coordination with external suppliers to protect their supply chains, given the growing threat of ransomware infiltrations. In order to safeguard the safety of patients and the health institutions themselves, Jairo Parra provides the following protection measures to avoid being a victim of a ransomware attack:
• Reduce risk without the need for expensive security hardware with a software-based micro-segmentation approach.
• Detect lateral movement and threats in real-time across the entire cyberattack destruction chain with a single platform.
• Protect critical assets from ransomware by easily applying Zero Trust principles across hybrid cloud ecosystems.
• Find and inventory all your APIs, including shadow, zombie, and unauthorized APIs, through continuous detection and monitoring.
• Perform API audits to detect vulnerabilities and misconfigurations commonly targeted by cybercriminals, including the top 10 API security risks according to OWASP.
• Use contextual information to identify risks such as data breaches, suspicious behavior, malicious bots, and API attacks.
