A new report is bad news for hospitals, with cyber attacks against healthcare in 2023 on pace to surpass those in 2022.

Hospitals have increasingly become a major target for cybercriminals, with many facilities struggling with budgetary and personnel issues, both of which make them more vulnerable to attack.

According to Bloomberg, John Riggi, American Hospital Association National Advisor for Cybersecurity and Risk, said there has been a “pretty significant uptick” in attacks, with many of them originating overseas and orchestrated by state-sponsored hackers.

“We have foreign bad guys being sheltered by hostile nation states,” Riggi told Bloomberg. Riggi previously served as an FBI official and advised the CIA and White House on terrorism and cyber threats.

To make matters worse, while hospitals carry insurance, many attacks cost up to ten times what insurance policies cover.

The impact is already being felt. Just last week, St. Margaret’s Health announced it was closing permanently as a result of a ransomware attack and the long-term financial damage it did to the hospital.

“Cyber threats and the need to bolster our security of health information systems is a key priority,” Melanie Fontes Rainer, director of the US Department of Health and Human Services Office for Civil Rights, told Bloomberg.