This paper argues that these potential vulnerabilities deserve rigorous, urgent, and thorough investigation. First, it draws from cybersecurity literature, and reviews general sources of vulnerability in digital systems. Next, with these sources of vulnerability in mind, it reviews the health intelligence systems used in the US as well as in a current Public Health Emergency of International Concern (PHEIC), the Ebola outbreak in the Democratic Republic of the Congo (DRC). It then It then reviews the possible motives state actors have to attack health intelligence systems, drawing on recent examples of state-led efforts to manipulate, conceal, or undermine health information. It then speculates about what an attack on a health intelligence system might look like. It concludes by proposing a research and education agenda to thoroughly interrogate these issues and generate policy recommendations needed to address them.