Cyberattacks on Health Care Are Rising — But Many Hospitals Aren’t Prepared
Last September, infectious disease physician Hana Akselrod was already deep in the throes of the COVID-19 pandemic when another crisis took hold: Hackers deployed ransom-seeking malware (commonly called ransomware) on George Washington University Hospital’s web of devices. Akselrod and colleagues suddenly lacked resources like electronic health records that facilitate quick and efficient care. Like the Colonial Pipeline ransomware attack this past May, much of the hospital system’s critical infrastructure came to a screeching halt.
As the hospital shifted offline, the staff traveled two decades back in time: Like in Akselrod’s medical school days, the hospital had to rely on paper files and triple-check for any errors that are normally fixed by computers. Besides posing an inconvenience, the crisis also risked lives. The hospital was forced to divert ambulances because the overextended staff couldn’t take new admissions. The breach also interfered with urgent test results. For example, medical interns can usually refresh a patient’s chart to receive important test results right as they arrive. In the wake of the cyberattack, interns scrambled between floors to check with the lab and report back to doctors.
Such delays can be costly: If a test indicates a quickly moving infection like MRSA, Akselrod explains, physicians […]