Feb 18, 2022 - Health

Hospitals on high alert for cyberattacks

Illustration: Sarah Grillo/Axios

Federal officials issued alerts this week about the increased potential for cyber attacks against critical U.S. infrastructure targets as tensions escalate between Russia and Ukraine — and that includes health care.

Why it matters: As health care continues to grapple with the strain of the pandemic, it could be particularly vulnerable to attacks, experts say.

What they're saying: "Even before this escalation with Ukraine, I was seeing threat actors take advantage of COVID for ransomware attacks because hospitals were short-staffed, everyone was stressed, the hospitals' census population is super high," Heather Hughes, director of client engagement and solutions at cyber insurer Resilience, told Axios.

  • The use of staffing agencies also creates a prime environment for breaches, Hughes said, as that part of the workforce lacks familiarity with local electronic systems. "When they go to log in, for example, for their first shift, it's 'Click this link for your time card.' They may click that link. Now they've introduced ransomware."

State of play: Federal warnings this week point specifically to concerns about spearphishing emails, an area health care organizations are especially vulnerable to because email continues to be a primary mode of communication for legal and compliance needs, said Sakthi Chandra, vice president of marketing for cybersecurity firm Armorblox.

  • This is particularly problematic as the recently released 2021 HIMSS Healthcare Cybersecurity Survey showed phishing attacks were by far the most common way health care IT systems are breached, said Lee Kim, director of privacy and security at HIMSS.

The big picture: The threat to all infrastructure is getting worse, with an 82% spike in ransomware-linked data breaches in the last year, according to a global threat report released this week from cybersecurity company CrowdStrike.

  • Even as companies get better at recovering from ransomware attacks, the attackers are upping the ante to make them more damaging, CrowdStrike senior vice president of intelligence Adam Meyers told CBS News.
  • "There's no backup solution that's going to stop that or help you there," Meyers said. "If you think the ransom demand is high, the legal fees, the regulatory and compliance issues that come from that data being stolen and leaked to the internet can add up very quickly," he told CBS.

The bottom line: It's never a good time to let your guard down. But this is a time for particular vigilance, such as ensuring a good incident response plan is regularly practiced — even during the stress of the pandemic.
