World Patient Safety Day 2025: Protecting Patients and Institutions from AI-powered Cyber Threats

Yesterday, the globe marked World Patient Safety Day (WPSD). This globally recognized event occurs every year on 17 September, as mandated by a resolution from the World Health Assembly. It acts as an international effort geared towards patient safety. It brings together patients, families, healthcare professionals, policymakers, and the community to join hands to enhance patient safety globally.

The 2025 edition emphasises protecting our most vulnerable patients, infants, and children, by prioritising safety from the very beginning of life. This year’s theme, “Safe care for every newborn and every child,” acknowledges the pressing necessity of eradicating avoidable harm in pediatric and neonatal healthcare environments.

Africa’s Position and Weaknesses in Patient Safety

As reported by Check Point Research, Africa experienced an average of 3,575 weekly attacks per healthcare organisation in 2025, representing a 38% increase year over year. This was primarily fueled by the rapid deployment of e-health systems and mobile patient services, which surpassed the pace of security training and infrastructure development.

“On World Patient Safety Day 2025, the emphasis should be on the concealed dangers of cyber threats to healthcare,” states Kingsley Oseghale, Country Manager West Africa, Check Point Software Technologies.

“The growing private healthcare industry in Nigeria faces significant risks.” Kingsley Oseghale added.

“As a nation, which urgently requires sufficient healthcare services to support our increasing population, we must guarantee that our healthcare systems are well safeguarded,” he added.

“Attacks now involve more than just data theft — they lead to postponed surgeries, mandatory emergency rerouting. This can change treatment strategies, putting patients at direct risk,” he states.

Health-ISAC reported that 92% of healthcare organisations faced a cyber incident, compromising over 276 million patient records globally.

Hospitals as Main Targets of Attacks

The healthcare sector has become one of the three most targeted industries worldwide. Between early 2025 and the end of August, healthcare organisations across the globe encountered an average of 2,465 cyberattacks weekly. This was a 17% rise compared to the previous year and notably above the global average of 1,963 weekly attacks seen in various sectors, as reported by Check Point Research.

Latin America reported the largest regional total, experiencing 4,539 weekly attacks per organisation (+63% YoY). This increase indicates the region’s swift digitisation of healthcare services without corresponding investment in cybersecurity measures. This led to an outcome that left many public and private clinics susceptible.

In the healthcare sector, the Netherlands ranked highest at the country level with 3,216 attacks per organisation (+31% YoY). It demonstrates the country’s

high concentration of technologically advanced hospitals and international research institutes. The United States experienced the steepest year-over-year rise at 40%, highlighting the profitability of its healthcare data for groups focused on extortion. Sweden (2,618 +3%), Belgium (2,527 -4%), and Israel (2,206 unchanged) persistently confront ongoing threats, whereas Canada (+25%) and Germany (+4%) are experiencing a resurgence of attacks on local hospital networks. The UK (-18%) and France (-21%) experienced reductions due to enhanced tone in proactive cyber measures and unified public-sector efforts.

“This increase arises from swift digitisation, varied legacy systems, and a lack of cyber security personnel. Together, this forms an ideal situation for attackers aiming for valuable patient data and disruption opportunities,” Oseghale stated.

AI as a Double-Edged Sword in Healthcare

Artificial intelligence is revolutionising healthcare by enabling predictive diagnostics, clinical decision support, and patient engagement applications. However, the industry has long been a prime target for cybercriminals due to its extensive troves of sensitive data and feeble IT infrastructures.

Artificial Intelligence is currently enhancing this dynamic on both ends. Cybercriminals are using AI resources to generate malware without advanced programming knowledge. Also, they produce sophisticated phishing messages and develop lifelike deepfakes of healthcare executives. This renders scams more difficult to identify and enables more extensive attacks.

Generative AI can be used to contaminate training data for clinical algorithms, create deepfakes, or illegally generate patient information. This can enhance the scale and accuracy of attacks. The situation has evolved into “AI versus AI,” where attackers deploy AI to breach systems while defenders struggle to respond effectively.

Using AI as a Foremost Defensive Tool

Simultaneously, AI has evolved into an essential defensive asset. AI-driven systems can assess network activity and user interactions in real time, automatically prevent ransomware and phishing attacks. Also, they can enhance encryption and access measures, prioritise research to detect vulnerabilities, and foresee weaknesses before exploitation. In case of a breach, AI-driven response systems can swiftly assess and manage threats. This can lower the expense of a healthcare data breach. Healthcare institutions should implement a “combined cyber-AI” strategy that consolidates AI throughout the security framework. This way, hospitals can actively adapt with the evolving threat environment while protecting patient information and preserving operational stability.

Check Point Research has recently intercepted over 7,000 phishing emails mimicking Zocdoc and various other providers, which affected 300 organisations.

Notable Incidents of Security Breaches that Actually Harmed Patients

Connected medical devices (IoMT), such as infusion pumps, wireless heart monitors, and smart inhalers, are transforming healthcare. However, they are not protected to the same level as hospital networks. The 2017 WannaCry ransomware incident affected 1,200 diagnostic machines throughout the NHS, leading to the shutdown of five emergency departments and the cancellation of 19,000 appointments. This implies that cybercrime can now directly impact patients, rather than only affecting their records.

As reported by Health-ISAC, victims of medical identity theft typically invest around 210 hours and $2,500 to recover their identities. Illegally obtained health information is transformed into “identity kits” for fraudulent activities, counterfeit prescriptions, or threats. This jeopardizes patient confidence and overwhelming personnel with lawsuits. Hospitals face potential regulatory penalties, reputational harm, and operational interruptions when data breaches lead to actual patient harm.

Cybersecurity for Patient Safety

The safety of patients now relies on cybersecurity just as much as clinical quality. Five crucial steps emerge:

1. Continuous Employee Training: Consistent phishing and social-engineering education.
2. Thorough Asset Inspection: Review all cloud, IoT, and conventional technology to pinpoint gaps.
3. Zero Trust Approach: Restrict access to sensitive data.
4. Use AI-powered Security: We must transition from merely detecting attacks to stopping them before they occur.
5. Platform Consolidation: A unified security framework (like Check Point Infinity) encompasses users, devices, and data from start to finish.

Along with updated cybersecurity safety protocols for IoMT manufacturers and industry-wide information sharing, these measures lessen risk and exposure to threats.

“Cybersecurity in healthcare has evolved beyond merely safeguarding data: it’s now about safeguarding lives.” The potential for harm increases dramatically with the convergence of connected devices, AI-driven applications, and extensive patient data. We must guarantee that rather than enabling risks, advancements in healthcare result in safer, more robust care for all patients,” Oseghale concludes.”