Hospitals on the front line of cyberattacks are increasingly strained under the often deadly conditions created by such hacks.
Capitalizing on the chaos of the COVID-19 pandemic, cybercriminals frequently shut down hospital networks at a time when they were overwhelmed, leading to limited emergency services, canceled surgeries, and a spike in deaths.
Cyberattacks have long been viewed as less lethal than missile strikes, but as cyberstrikes hit hospitals and take lives, the calculus for how to respond could be changing.
John Riggi, the national adviser for cybersecurity and risk at the American Hospital Association, told Politico that it's time "to view these types of attacks, ransomware attacks on hospitals, as threat-to-life crimes, not financial crimes."
Some of the most common strikes against medical facilities, ransomware attacks occur when hackers encrypt networks and demand payment to unlock them.
Mortality rates increased after a ransomware attack at a quarter of the 600 healthcare facilities surveyed in a 2021 study from Proofpoint and the Ponemon Institute.
A ransomware attack in 2020 forced a Düsseldorf, Germany, hospital to close its emergency department, and a patient died in an ambulance while being sent to another hospital.
A woman sued an Alabama hospital in 2020 after the death of her infant, claiming that doctors did not perform necessary pre-birth testing due to a cyberattack at the hospital. The baby was subsequently born with the umbilical cord around its neck, which led to brain damage and the baby's death a few months later, she argued.
Cyberattacks against hospitals have also been on the rise.
"Unfortunately, 2022 appears to be another record year in terms of the volume of attacks against U.S. healthcare and the volume of sensitive patient information which has been either stolen or compromised by these foreign-based cyber adversaries," Riggi told Politico.
While most of the damage from U.S. cyberattacks is still to individuals' data or businesses' profits, the federal government has a list of 16 "critical infrastructure" categories, where a cyberstrike could cause a major breakdown in civilian services, including healthcare.
According to Politico, the Biden administration plans to make hospital cybersecurity a priority in 2023.
Speaking on condition of anonymity, a senior administration official told Politico that actions could include issuing executive orders to mandate healthcare cybersecurity standards or supporting legislation on the topic.
"Hospitals are a very targeted sector … it's something we're significantly concerned about," the official said.
© 2024 Newsmax. All rights reserved.