Connect with us

Hi, what are you looking for?

Tech & Science

Are merging US healthcare organizations especially vulnerable to cyberattacks?

Healthcare mergers make systems more vulnerable to breaches — today’s hackers know this.

healthcare data
Photo by Irwan iwe on Unsplash
Photo by Irwan iwe on Unsplash

A ransomware attack has taken place at CommonSpirit Health, which operates over 1,000 hospitals and care facilities across 21 U.S. states. The organisation continues to deal with the fallout from the incident. Security experts say such tie-ups and acquisitions make healthcare systems more vulnerable to security breaches.

The incident comes as the U.S. FBI warns firms that ransomware attackers tend to target companies going through significant financial events. With healthcare in particular, recent healthcare cyberattacks have hurt hospitals and research facilities, impacting the services they provide for the public and their various investors and stakeholders.

Looking at the implications of the attack for Digital Journal is cybersecurity evangelist and cyber espionage expert, Raj Dodhiawala, CEO of Remediant.

Dodhiawala begins by outlining the details behind the cybersecurity incident: “While CommonSpirit Health didn’t disclose the specific type of strategies and ransomware that attackers deployed, the entire incident which could impact millions of Americans comes as the organization was in the middle of a large debt issuance, and most notably, only a few years after the massive merger of Dignity Health and Catholic Health Initiatives.”

In terms of the implications from the incident, Dodhiawala says that: “Healthcare mergers make systems more vulnerable to breaches — today’s hackers know this. In fact, ransomware attackers typically target organizations that are going through big events like mergers and acquisitions, as there tends to be an imbalance in the cyber resiliency between the networks of the entities that are merging, and the tedious process of improving cybersecurity postures is not a priority.”

It also stands that healthcare is a major target for such attacks. Dodhiawala  sets this out: “As we continue to see the breadth of damage that ransomware is able to accomplish in healthcare within these types of despicable cyberattacks — and it’s clear mergers and acquisitions activity in the healthcare industry isn’t going to go away anytime soon, one way to bolster confidence is to gain insight into how admin authorization (not just authentication) is managed in the individual entities’ networks.”

The U.S. private, for-profit healthcare sector has been full of activity in recent months, with mergers and buyouts nudging the industry along in the form of new groups and organisations, often leading to different technologies coming together. Dodhiawala  also considers lessons to be learned. These are: “The sum total of the combined entity’s resilience is greatly weakened by excessive admin privileges and a fertile environment for lateral movement — a technique that’s used by nearly 80% of today’s successful ransomware attacks — making these insights critical during due diligence, and also during integration.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


US President Joe Biden delivers remarks after signing legislation authorizing aid for Ukraine, Israel and Taiwan at the White House on April 24, 2024...


Meta's growth is due in particular to its sophisticated advertising tools and the success of "Reels" - Copyright AFP SEBASTIEN BOZONJulie JAMMOTFacebook-owner Meta on...


Iran's supreme leader Ayatollah Ali Khamenei leads prayers by the coffins of seven Revolutionary Guards killed in an April 1 air strike on the...


AfD leaders Alice Weidel and Tino Chrupalla face damaging allegations about an EU parliamentarian's aide accused of spying for China - Copyright AFP Odd...