Healthcare facilities see uptick in cyber-attacks
Hospitals are now fighting more than disease.
The FBI says hackers are increasingly launching cyber-attacks against medical facilities.
“Hospitals have computers everywhere,” explains Tony Chiappetta, the founder and president of CHIPS, a White Bear Township cyber security firm. “Connecting to patient records, centralized databases, MRI data, all these things.”
This week, a cyber-attack hit Prospect Medical Holdings, a company with hospitals and clinics in California, Texas, Connecticut, Rhode Island and Pennsylvania.
It disrupted computer systems, forcing emergency rooms to shut down, and ambulances to be diverted.
“These are threat-to-life crimes,” says John Riggi, a cybersecurity expert with the American Hospital Association. “Which risk not only the safety of the patients within the hospital, but also risk the safety of the entire community that depends on the availability of that emergency department to be there.”
Elective surgeries, outpatient appointments, blood drives and other services were suspended.
Prospect released the following statement:
“Upon learning of this, we took our systems offline to protect them, and launched an investigation with the help of third-party cybersecurity specialists. While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible.”
No Midwest locations were affected, but experts say the incident is an example of the potential impact of such an attack.
Chiappetta says hospitals can be especially vulnerable.
“It’s not just the computers. It’s all the different pieces of equipment that sometimes have to run older versions of software,” he says. “All of their medical equipment that you see beeping are tracking patient information. All that stuff is connected into their network. So, they’ve got just exponentially more points of vulnerability than an average business would.”
The FBI says the average cost of a healthcare data breach reached nearly $11 million in 2023 — a more than 50% increase since 2020.
The agency’s latest threat intelligence report says bad actors are using medical records as leverage to pressure breached organizations to pay a ransom, and that personal information was both the most commonly breached type of data and the costliest.
Chiappetta says hospital hackers are searching for personal information and medical records.
“Those medical records are typically the ones that go for the most money on the dark web,” he says. “They can sell them on the dark web and make a good amount of money that way, if for some reason an organization won’t pay up.”
Riggi says the recovery process can take weeks — with hospitals reverting to paper systems, and humans monitoring equipment normally run by computers.
5 EYEWITNESS NEWS reached out to a number of healthcare systems in Minnesota.
Allina Health says it’s using ‘industry-best practice solutions’ to identify threats on a real-time basis.
The company says it’s been monitoring this latest cyber-attack and has no evidence it’s been affected.
Chiappetta says medical facilities, if they haven’t done it already, might consider compartmentalizing data and limiting the tasks of computers.
“It’s more of an isolation and containment,” he notes. “Where the medical devices can live in its own self-contained area, that it only interacts with devices that it’s supposed to, and the manufacturer itself, if there’s any kind of upkeep needed.”
Chiappetta says fixing and updating unaffected systems can be a slow task as well.
He says hospital IT personnel often have a huge number of devices they must service and upgrade.
“It’s very time intense. It’s very segmented,” Chiappetta says. “Every manufacturer has a different set of updates and they’re trying to update their software. It’s a lot of things to contend with, in the hospital environment.”