With the 2021 year closing out, action is required in relation to 2022 health security. This is due to the vast number of assault upon healthcare IT systems during 2021 and the necessity of reducing these.
Healthcare data remains attractive for cyber-criminals due to the size of many databases and in relation to the rich streams of information contained within them, including personal contact and medical details.
Commenting on the activity within the healthcare space is Leon Lerman, co-founder and CEO of Cynerio.
Lerman tells Digital Journal what the attacks mean and some of the actions that firms need to consider during 2022. As he explains: “While cyberattacks on critical infrastructure – such as the Colonial Pipeline and a Florida water plant – created a lot of buzz this year, last year we saw a 123 percent increase in the number of ransomware attacks on the healthcare industry – a trend that has unfortunately continued to plague the healthcare industry throughout 2021.”
There are also some specific risk factors around the nature of the attacks. Lerman adds: “Worse yet, attacks on hospitals have turned deadly. A recent Ponemon Institute report found that ransomware attacks on healthcare providers can lead to increased mortality, and the first ransomware-related fatality in the U.S. was recently reported at Alabama-based Springhill Medical Center.”
These examples detail the seriousness of the attacks and the impact upon operations and the services provided to patients. Several of the attacks led to delays in treatments, cancellation of non-emergency procedures.
As to what next year has in store for the battered healthcare IT systems, Lerman predicts: “As we head into 2022, it is likely we will see an increase in both the sheer number of attacks on hospitals as well as severity.”
This is why robust action is essential. Lerman recommends: “It will be critical for hospitals to have proactive response strategies in place to prevent attacks and ensure continuity of care in the event of an attack. Additionally, more government intervention is needed – as has been the case for cyberattacks like that on Colonial Pipeline – to ensure hospitals are prepared with the tools they need to address the evolving threat landscape in healthcare. It could be the difference between life or death.”