Cyberattacks on Hospitals Pose Increasing Risk to Lives, Experts Warn

Hospitals are increasingly vulnerable to cyberattacks, putting lives at risk. Cybercriminals are targeting hospitals for hefty ransoms, with attacks on the rise. The US government needs to take more meaningful action to address the issue.

Cybersecurity experts are sounding the alarm about the growing threat of cyberattacks on hospitals across the country. These attacks, like the one that recently crippled operations at a leading children's hospital in the Midwest, are putting lives at risk. Experts argue that the US government is not doing enough to prevent such breaches.

In recent years, hospitals have increasingly relied on online technology to support various aspects of their operations, including telehealth, medical devices, and patient records. Unfortunately, this has made them a prime target for internet thieves who hold their data and networks hostage for hefty ransoms. John Riggi, the American Hospital Association's cybersecurity adviser, explains that the expanded use of network and internet-connected technology has inadvertently increased hospitals' vulnerability to cyberattacks.

These attacks are often carried out by adversaries such as Russia, North Korea, and Iran, who enjoy significant financial gains from their victims and face little to no consequences. Last year alone, there were 46 cyberattacks on hospitals, compared to 25 in 2022. The average payout demanded by criminals has also skyrocketed, jumping from $5,000 in 2018 to US$1.5 million in 2021.

Brett Callow, an analyst for cybersecurity firm Emsisoft, warns that the situation will only worsen unless governments take more meaningful action. He suggests that cyberattack victims, including hospitals, local governments, and schools, should be banned from paying ransoms. Callow emphasises that the current influx of money into the ransomware system ensures that the problem will persist unless decisive measures are taken.

The escalating frequency of these cyber raids has prompted the Department of Health and Human Services to develop new rules to help hospitals protect themselves from cyber threats. The department plans to revise the Health Insurance Portability and Accountability Act (HIPPA) to include provisions addressing cybersecurity. Additionally, they are considering implementing new cybersecurity requirements tied to hospitals' Medicaid and Medicare funding.

Deputy Secretary Andrea Palm acknowledges the importance of preparedness but expresses concern for hospitals, particularly in rural areas, that may struggle to afford necessary cybersecurity updates. The Department of Health and Human Services is seeking additional funding from Congress to tackle this issue effectively.

The consequences of a cyberattack on a hospital are significant. Networks can be offline for weeks or even months, forcing hospitals to turn away patients. The Ann & Robert H. Lurie Children's Hospital of Chicago, one of the nation's top children's hospitals, has been battling a cyberattack that has forced them to take their phone, email, and medical record systems offline. The FBI is currently investigating the incident.

While Lurie Hospital has established a separate call center for patient needs and resumed some care, the road to full recovery will be long and arduous. It can take months of behind-the-scenes work to restore operations fully. These incidents have far-reaching effects, impacting patient care, payroll, and various other aspects of hospital functioning.

• Hospitals are increasingly vulnerable to cyberattacks, putting lives at risk.

• Cybercriminals are targeting hospitals for hefty ransoms, with attacks on the rise.

• The US government needs to take more meaningful action to address the issue.

Source: AP NEWS