The rise of generative AI has brought a raft of new tools into the workplace, but it’s also changing how cyber criminals craft their campaigns, and it’s a shift in the threat landscape that the healthcare sector in particular needs to catch up on.
“Generative AI has given attackers the ability to customise payloads and phishing campaigns at speed and at scale, quickly undercutting the value of signature-based tools and legacy email filters,” Errol Weiss, chief security officer of information-sharing non-profit Health-ISAC, told Cyber Daily.
“Large language models let adversaries continuously tweak language, structure, and delivery, so threats no longer stay static long enough to be reliably detected. As deepfakes, synthetic identities, and highly localised lures become easier to produce, defenders can no longer fall back on obvious tells like poor grammar or reused code.”
What this adds up to, according to Weiss, is hackers capable of learning quicker than traditional cyber security controls were ever designed to keep pace with.
“When attacks are being generated and refined automatically, no single organisation can see enough, fast enough to stay ahead on its own. The only realistic counter is actionable intelligence sharing that turns one organisation’s near-miss into an early warning for everyone else,” Weiss said.
“Pairing that intelligence with human-layer threat modelling grounded in real workflows and clinical realities shows how generative attacks will actually be used against staff, not just how they appear in theory. Communities that openly exchange TTPs, playbooks, and real-time indicators give defenders a way to adapt collectively, at a pace no individual team could match.”
Staying abreast of these ever-changing threats is particularly important to the healthcare sector, where security budgets are often low, and the risk of patient data compromise makes any breach serious, as incidents such as the Genea fertility clinic and Spectrum Medical Imaging breaches illustrate.
“Healthcare organisations don’t have the luxury of slow adaptation. When AI can weaponise new lures or exploit chains in hours, moving at yesterday’s pace means defending yesterday’s patients,” Weiss said.
If hospitals and other healthcare providers can’t keep critical systems online, even having the right tools is not enough. Sharing insights with the wider healthcare community is a vital shift. Weiss, however, said that any such shift must come from the top.
“Boards and executives need to treat AI-driven threats as a patient safety issue and accelerate investment in skills, partnerships, and information sharing that can keep up with the speed of automation.”
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.