Nowhere else is the link between cybersecurity and personal safety more apparent than in healthcare. As health providers integrate computers into more and more patient care operations, cyberattacks that target these systems have a direct impact on citizens’ health. The threat is not hypothetical. Hackers are already targeting hospitals across the country.
From Paper to Computers: The transition from paper record-keeping to electronic records—often mandated by laws that do not require strong security measures—has exposed sensitive personal data to malicious hackers, while also boosting the number of attack points;
Connected Devices: Medical facilities increasingly integrate computing technology into critical medical devices, many of which lack internal security measures; and
Culture: Many medical practitioners view cybersecurity as an impediment to patient care, which often depends on seamless processes and convenience.
In May 2017, a computer virus known as WannaCry infected hundreds of thousands of computers across the globe with ransomware, encrypting systems so they became unusable. Dozens of hospitals across the United Kingdom were affected; some were forced to turn away patients at the door. While the global span of WannaCry attracted significant media attention, it has overshadowed a constant stream of ransomware attacks on hospitals across the United States. These have forced many healthcare facilities to pay small ransoms, or lose access to critical medical systems.