Healthcare systems across the world continue to face critical challenges, such as the COVID-19 pandemic and the increasing threat of cyberattacks. The scale of attacks against healthcare providers has continually increased since last year and honestly, it is scary.

What happened?

A San Diego-based non-profit system, Scripps Health, with five hospital campuses was forced to shut down its IT systems supporting its healthcare facilities, on May 1, due to a cyberattack. The incident severely sabotaged care, forcing medical personnel to use paper records. In addition to this, the system is still offline and has not stated when it will be back online.

Why does it matter?

  • While it has been more than a year since the pandemic struck and the world lost more than 3 million lives, threat actors are still hell-bent on disrupting the networks of healthcare facilities, with no concern for human lives.
  • Moreover, widespread flaws across the healthcare sector create lucrative potentials for cybercriminals, thus, driving the surge in attacks.

Other relevant incidents

  • The University of Florida Health Shands underwent a breach, impacting 1,562 individuals. Details such as name, phone numbers, addresses, dates of birth, and medical record numbers, along with clinical information from ER visits are suspected to have been accessed.
  • UnitingCare Queensland, health and community care provider, was hit by REvil, suspending the facility from the national My Health Record system.
  • San Antonio-based CaptureRx fell victim to a ransomware attack in February and attackers gained access to the Personal Health Information (PHI) of more than 24,000 individuals. The attack also impacted several of CaptureRx’s healthcare provider clients.

The bottom line

Ransomware attacks are no more limited to financial extortion but have transcended every boundary, including that of jurisdictions, geography, and businesses. The healthcare sector has taken the brunt of these attacks, which are not expected to stop anytime soon. Thus, it is recommended that flaws in systems are immediately patched and proactive measures are taken to defend against these threats.

Cyware Publisher