Recently, cyber attack risks have been grabbing headlines with the COVID-19 vaccine distribution being the center of attention. We see many opportunities for bad actors to attack the healthcare industry including continued ransomware attacks on hospitals and disruption of medical devices. While no one wants to see these types of attacks happen, it is important to highlight the potential threat to healthcare organizations and ways for the healthcare industry to mitigate their risks.
Cyber attacks against hospitals and healthcare organizations continue to make headlines and are even becoming more commonly depicted in TV shows and movies, largely due to the dramatic storyline and potential for substantial business impact. In fact Hollywood has taken quite a few liberties in portraying highly inflated impacts. In the real world, the FBI and Homeland Security have warned of threats to healthcare organizations “to be credible, ongoing and persistent”, as reported by Healthcare Info Security. These attacks can have both direct and indirect consequences. For example, the WSJ recently reported that threat actors manipulated stolen data related to coronavirus vaccines and published it on the dark web, causing confusion and mistrust.
With a focus on monetizing their efforts, a financial motivated ransomware attacker may take over medical devices or systems. However, such cyber attacks can also have indirect consequences like the recent example at Germany’s University Hospital Düsseldorf where a ransomware attack led a patient to be diverted and ultimately perish in transit. If hospitals are unable to fallback on manual procedures, any significant system disruption could result in a large impact on patient care.
Medical devices like implants and wearables could be the target of a detrimental cyber attack as well. Bad actors may try to hold a patient’s diabetes insulin pump ransom or try to hit a wider audience via a supply chain attack on the manufacturer that pushes malware to a multitude of devices. Equally dangerous are those who just wonder if they might actually be able to perform such an attack, motivated simply by their misguided curiosity and ego.
There is also a potential for attacking control systems like HVAC and boiler systems at healthcare organizations, which can setup a lateral move to other systems in the environment, or it may lead to a direct physical impact. For instance, a bad actor that exploits a control system has the potential to shut down the safety mechanisms which may cause it to overheat and possibly explode. Think it can’t happen? Wired reported an incident in Germany where a cyber attack created a massive adverse event because a furnace could not be properly shut down. While this was not a healthcare company, a furnace is a furnace. Who is to say that ransomware will not move directly to the physical realm where an actor effectuates an attack against a control system, putting lives at risk unless they are paid?
All of these attacks could be detrimental to the healthcare industry which is why we predict many healthcare organizations will expand their operations to include incident response (IR) specialists. Some will partner with cyber security experts that have specific experience supporting healthcare organizations and strong digital forensics incident response (DFIR) capabilities. Threats and vulnerabilities cannot be completely eliminated in any industry, and in the healthcare industry, the speed and accuracy of the digital forensics and incident response team is critical as timing could affect patient care and safety.
Want to see more of our predictions for 2021? See our top five predictions in our new eBook: Cyber Security Predictions for 2021: Insights & Trends
Founder & Chief Customer Officer
Pelletier is the original Founder of Pondurance, having started the company in 2008, and presently continues on as Founder and Chief Customer Officer. Prior to Pondurance, he was a Senior Manager at EY and Senior Consultant at Haverstick Consulting. He also served as a Computer Emergency Response Team Lead for the Indiana Army National Guard, as commander of HHC 88th Regional Support Group, an adjutant to the CIO – Deputy CISO, and as 2nd Lieutenant – Captain and Deputy Chief of Protocol for the U.S. Army. He graduated with a Bachelor’s Degree in English from Indiana University South Bend in 1994.