HBO’s popular medical drama “The Pitt” is raising the profile of an urgent threat experts wish even more people were talking about: Health care networks around the world are being bombarded by cyberattacks, and they are ill-equipped to deal with them. (Note: Spoilers ahead).
The issue has impacted hospital systems, ambulance providers and pathology services globally — sometimes with deadly consequences. The latest cyberattack on medical device provider Stryker knocked out its networks across the globe, leading to disruptions to its electronic ordering system and a patient data system used by first responders.
“Every day, hospitals are being targeted,” said Cynthia Kaiser, a former top FBI cyber official and head of cyber firm Halcyon’s Ransomware Research Center. “A lot of hospitals operate on thin margins, and they think they have to choose between patient care and cybersecurity.”
Experts have praised “The Pitt,” now in its second season, for its medical accuracy and for portraying the fast-moving and often overlooked consequences of a cyberattack across hospital networks. In the show, the fictional Pittsburgh Trauma Medical Center is dealing with the fallout of ransomware attacks that shut down operations at two nearby hospitals, leading to an influx of patients being diverted to its already overcrowded emergency room. Not long after, the hospital IT department abruptly shuts down the hospital’s systems, including all internet-connected charting programs and medical devices, to protect its networks.
While it’s unlikely that a hospital system would preemptively pull the plug on its networks before an attack, ransomware attacks often force health care organizations to sever internet connections. The goal is to effectively freeze any hackers and prevent further damage to their systems.
“Threat actors that access systems come in through one door, but then often leave back doors,” said Lisa Sotto, a partner at Hunton, a cyber and data privacy law firm that deals with breaches on health care institutions. “And to do the forensic investigation to find all the back doors, close them and shore up any vulnerabilities, it’s sometimes necessary to disconnect entirely.”
But completely shutting down hospital systems, even for a short term, can come at an immense cost for doctors and nurses scrambling to provide care without access to critical tools used to diagnose or treat patients. In “The Pitt,” hospital staff across departments are seen frantically reorienting themselves using paper charts and fax machines to send test results and fill medication orders.
A similar scene played out inside the University of Mississippi Medical Center late last month, after a ransomware attack forced it to close dozens of its clinics across the state and cancel many patient procedures for over a week. The organization’s emergency department — which is the only level one trauma care system in the state — remained open during the outage. But providers shiftedto using downtime procedures, such as paper documentation and makeshift command centers, for patient care.
While UMMC was able to resume normal operations in less than two weeks, these attacks typically disrupt hospital systems for an average of 17 days.
Health care organizations are an attractive target for hackers because of the troves of sensitive medical data housed on their servers, the maze of outdated legacy systems used to provide patient care and financial limitations that prevent investment in robust security protocols. And while the FBI advises against paying a ransom to hackers — given that it only encourages future hacking sprees — the choice for hospitals can be a matter of life and death for patients under their care.
“Hacking groups either want to get paid, want to collect data or they want to create chaos,” said Paul Connelly, former chief security officer at hospital system HCA Healthcare. By attacking a hospital, he added, hackers can “achieve at least one of those goals, or all three at once.”
Lawmakers in Washington have pushed legislation to stem the barrage of attacks on U.S. health care systems and provide federal support to struggling hospitals and medical centers.
One such bill, the Health Care Cybersecurity and Resiliency Act, would provide federal grant funding to health care organizations for more robust cybersecurity protections. It would also compel the secretary of Health and Human Services to partner with the Cybersecurity and Infrastructure Security Agency to help rural health care providers and boost cyber literacy. The measure overwhelmingly passed the Senate Health, Education, Labor and Pensions Committeelast month.
Cybercriminals are sometimes operating with the support of top cyber adversaries, which poses an even larger risk to national security. In 2022, the FBI accused Iranian government-backed hackers of attempting to breach Boston Children’s Hospital, and Iranian-backed hackers may have been behind this week’s Stryker outage.
Still, some fear that not enough has been done and want their governments to punch back harder. A recent POLITICO poll revealed that many people in NATO allied countries, including the U.S., U.K., France, Germany and Canada, believe that a cyberattack that shuts down a hospital should be considered an act of war.
The Trump administration has vowed to impose “consequences” on hacking groups that target critical infrastructure, including hospitals, in the recently released National Cyber Strategy. But the doctrine’s vague details don’t address plans to better shield the health care sector, which is under near-constant threat.
“People need to care about this. Security officials need to care about this. There needs to be more outrage across society about what these hackers are doing,” Kaiser said.
from Politics, Policy, Political News Top Stories https://ift.tt/rCyLuOs
https://ift.tt/TsECVRh
0 Comments