Preventing cyberattacks in healthcare

Healthcare system cyberattacks have made exponential jumps, with a 94% increase in ransomware attacks alone from 2021 to 2022, according to a Sophos report.

Motivations for healthcare system cyberattacks vary. In the year-long battle against state-sponsored North Korean ransomware attacks, affected healthcare providers were locked out of their systems until a ransom was paid. Some hackers are politically motivated, as seen in the attacks against Planned Parenthood in Los Angeles, Washington D.C., and abroad.

A class action lawsuit has been brought against CommonSpirit Health after a ransomware attack compromised the information of over 600,000 people. The lawsuit claims that CommonSpirit Health failed to implement basic cybersecurity measures that left patients vulnerable to identity theft.

But identity theft is only one of the risks people face, as a 2020 report on cybersecurity in hospitals claims, “it is not possible to restore privacy or restore reverse psychosocial harm when private data are compromised.”

 The most common and immediate consequence of healthcare system cyberattacks is the shutdown of electronic health systems, delay of care, and diverted ambulances, according to JAMA Health Forum report. In a setting where every moment matters, this leads to an increased death toll in hospitals, even for routine patients. When a cyberattack shut down Springhill Medical Center in Alabama, healthcare providers were ill-equipped to monitor the signs of a nuchal cord birth and failed to perform a necessary c-section.

 How to prevent healthcare system cyberattacks

1. Use and update antivirus and firewalls software

Antivirus and firewall software are the most basic form of protection and prevent cyberattacks in the form of malware. Malware manifests are either spyware or ransomware. Spyware attacks often happen without disruption, and are discovered after data is stolen, as in the CommonSpirit Health data breach. Ransomware attacks typically disable a health system’s network until a ransom is paid, like in the case of Hollywood Presbyterian Medical Center, which paid $17 million to hackers to regain control of their network. Even with this software, it’s important to be cautious and vigilant of suspicious links.

 2. Educate employees

An organization is stronger when all employees are on board, and training is important to avoid cyberattacks from email and phishing scams. Phishing attacks happen when someone opens a malicious link in a seemingly normal email. Cybersecurity is a team effort, and education is the best way to prevent cyberattacks from phishing.

After an employee opened a malicious email, University of Vermont Hospital had to divert ambulances to other nearby hospitals, which could be especially dangerous in rural areas with few hospitals.

3. Use multi-factor authentication

There are countless programs that help hackers access passwords. Two-step or multi-factor authentication systems prevent someone who might be able to access a password from being able to access your system.

4. Manage vendor relationships with due diligence

Outsourcing is pivotal to a growing organization, but it’s important to vet the organizations you work with. CEO of ComplyAssistant, Gerry Blass, recommends making an updated Vendor Risk Management (VRM) program a priority in hospital and health systems’ cybersecurity. Organizations need policies that address risk assessment and establish contracts with vendors that reflect their standards.

5. Have a cybersecurity breach response plan

Blass also recommends ensuring a complete risk register and extending your disaster recovery business plan. A risk register will track potential risks, and having a disaster recovery plan in place helps hospitals and health systems respond in an efficient manner, and with less delays to patient care.

All about risk management

Implementing these measures won’t completely protect against healthcare system cyberattacks but will ghelp significantly lower the risk of ransomware and other criminal events that invade patient privacy, disrupt hospital operations, and impact care, as well as create potential legal consequences from data breaches.