
Healthcare institutions across Africa are increasingly coming under cyberattack, with hospitals, laboratories and digital health platforms emerging as major targets for cybercriminals, Microsoft’s Chief Security Advisor for Africa, Kerissa Varma, has cautioned.
In an opinion article shared with Truth Live News, Varma raised concern about the growing vulnerability of healthcare facilities across the continent. She described the situation as a “silent emergency”, noting that criminals are taking advantage of the rapid digitisation of medical records and healthcare services.
“While doctors are working to save lives, cybercriminals are penetrating hospitals, laboratories and clinics, transforming life-saving institutions into digital battlegrounds,” Varma stated.
According to her, several cyber incidents recorded across Africa demonstrate how fragile the region’s medical digital infrastructure has become.
In May 2025, Mediclinic Southern Africa experienced a cyber-extortion attack that exposed sensitive human resources data. Later in the year, Lancet Laboratories in South Africa faced regulatory sanctions after failing to promptly notify patients of a data breach, in violation of the country’s Protection of Personal Information Act.
During the same period, a ransomware attack on the National Health Laboratory Service disrupted blood test processing across South Africa, leading to delays in critical medical services for millions of patients.
Other cases include M-Tiba, a Kenyan digital healthcare platform operated by CarePay and supported by Safaricom, which suffered a significant data breach toward the end of 2025. In Morocco, the pharmaceutical platform Pharmacie.ma was reportedly targeted in an unauthorised export of customer data.
Studies also indicate that Nigeria’s private healthcare sector is becoming an increasing target for cybercriminals, with attacks reportedly rising at a worrying rate.
“Africa’s healthcare organisations recorded an average of 3,575 cyberattacks weekly in 2025, representing a 38 per cent increase compared to the previous year,” Varma revealed. She noted that these attacks often lead to temporary shutdowns of hospital systems, encryption of patient records, and the possibility of confidential information being sold on the dark web.
Varma explained that outdated systems, fragmented digital infrastructure and poorly funded IT departments leave many African hospitals exposed to cyber threats. Although the growing use of open-source artificial intelligence tools for diagnostics and patient management helps reduce costs, many of these solutions lack the robust security features required for sensitive medical environments.
She also warned that the storage of unencrypted patient data across multiple platforms significantly increases the likelihood of security breaches.
“Medical records are extremely valuable targets. Unlike credit card details that can expire, patient data remains useful for years and can be exploited for identity theft, fraudulent insurance claims and illegal prescription activities,” Varma said.
According to her, a single medical record can sell for as much as $310 on the dark web, compared with $30 to $50 for stolen credit card information.
Varma stressed that downtime in healthcare systems can be dangerous, as hospitals cannot afford disruptions during critical operations. Because of the urgency involved in healthcare services, many institutions feel pressured to pay ransom demands to regain access to their systems. However, she noted that in two out of every five cases where ransom payments were made, the data or operations were still not fully restored.
She therefore urged healthcare providers to incorporate cybersecurity into their broader risk management strategies.
“Investing in technology that can detect and contain cyberattacks, maintaining secure data backups, and regularly rehearsing incident-response plans in line with regulations such as POPIA in South Africa and data protection laws in Kenya and Nigeria can prevent minor incidents from escalating into major crises,” she said.
Varma also highlighted the growing role of artificial intelligence in cyber warfare, noting that attackers are increasingly using AI to design more sophisticated scams.
“Cybercriminals are deploying AI to scale and customise attacks, making AI-driven phishing about 4.5 times more effective than traditional techniques,” she explained. “At the same time, AI can also assist defenders by automating threat detection, containment and response.”
She further emphasised that remote access to patient records should be protected by strong identity verification systems.
“Healthcare institutions must implement phishing-resistant multi-factor authentication and conditional access policies to secure user accounts,” Varma advised.
The Microsoft executive added that training hospital staff remains critical in preventing cyber incidents.
“People remain central to cybersecurity. Educating both medical and administrative personnel on recognising phishing attempts, enforcing role-based access controls, and building a culture of security awareness are essential steps. Cybersecurity is no longer just an IT issue; it directly affects patient safety,” she said.
Varma concluded by stressing that as African healthcare systems continue to digitise, protecting their digital infrastructure should receive the same level of attention as safeguarding patients’ physical health.
“By adopting comprehensive cybersecurity strategies and using AI-powered defence systems, Africa’s healthcare sector can strengthen its digital security and deliver safer, more resilient healthcare services,” she added.
