From cyber attack to heart attack: the hidden human impact of hospital hacks
When hospitals suffer cyber breaches, bureaucratic security measures may be leading to more fatalities.
Today’s hospitals are not sacrosanct. The large amounts of patient and staff data that they collect and store can make them prime targets for cyber attacks.
There is currently a lack of information on the link between hospital cyber breaches and patient mortality, but it may be the greatest danger is not from the hackers themselves. A US study published in September shows a correlation between the “improved” cyber security policies employed by hospitals after a hack, and the probability that patients will die within a month of experiencing a heart attack. The road to hell is paved, it seems, with good intentions.
Malware attacks on hospitals most often occur as collateral damage when uncontrolled extortive campaigns rampage across the internet. This was what happened during the massive disruption of the UK’s National Health Service (NHS) by the WannaCry ransomware in 2016.
In the wake of this disruption, heightened security measures were put in place to give patients and doctors a sense of anticipated protection as well as to stymie future breaches. However, the study shows the same features that make hospitals effective victims of cyber extortion also mean that new security measures can be counterproductive.
After WannaCry, for example, independent British healthcare charity the Nuffield Trust found that there was “confusion” about the ongoing threat, leading to all electronic systems being regarded as “mission-critical” and requiring hourly updates. This was not the case. But without investment across the system in healthcare-specific security infrastructure, the NHS resorts to more demonstrative options, such as an overindulgence in flashy technologies and generic policies that may do more harm than good.
This is exactly the approach that the researchers at Vanderbilt University and the University of Central Florida have warned …read more
Source:: New Statesman