HAP Blog

Stay Vigilant Against Cyberattacks

Are you staying up to date on the latest cyber news?

May 16, 2023

If you haven’t read the news lately, you’ve probably missed a few headlines about the rise in cyberattacks against hospitals and the public health sector.

We are seeing more urgency to address this issue at all levels, but it’s particularly important for emergency managers to monitor the latest cyber developments in health care. Citing the rise in cyberattacks against hospitals and other public health organizations, the federal government last month launched free training for health care workers, as well as a new analysis of the hospital cybersecurity landscape.

The analysis from the federal government provides another reminder that the challenges we face aren’t getting easier.

“The attacks are now growing both in numbers and severity,” the analysis on hospital cyber resiliency said. “These attacks have been responsible for the disruption and delay of care delivery at health care facilities across the country, resulting in an increased risk to patient care and safety.”

A few observations from the report stood out to me:

  • Constant ransomware target:  Hospitals always will be a ransomware target, since disruptions to patient care are high-profile events. These attacks are “outsized and growing.”
  • Tools in your toolbox:  Multi-factor authentication, vulnerability assessments, training and outreach, and tabletop exercises are core elements to reduce your cyber risks. We see variable adoption of these prevention tools in the field.
  • Software threats:  An overwhelming majority (96%) of hospitals claim they were operating with end-of-life operating systems or software with known vulnerabilities. Operating with antiquated systems makes it harder to patch vulnerabilities and increases our risks.
  • Supply chain challenges:  Damage to our supply chains can disrupt patient care, but less than half of hospitals indicate they have adequate coverage to manage supply chain risks.
  • Cost of coverage:  Cost for cybersecurity insurance is rising. Premiums for this coverage increased 46 percent during 2021, and a few facilities reported 100 percent increases during 2022.

We know that the stakes for our organizations are high, as these attacks can delay procedures, shut down labs, and cause other disruption that harms patient safety. This isn’t a complete doom-and-gloom story, but it’s important we take the time to see the digital threats around us.

Make it a habit to stay up to date on the latest headlines and news from the Health Sector Cybersecurity Coordination Center and other official sources. After all, the more we know about the threats around the corner, the better we can respond in real time.

For more information about health care cybersecurity, contact Jason Tomashunas, MS, CHEP, HAP manager, emergency management.

Please login or register to post comments.