The Growing Danger of Cyberattacks on Hospitals

Ki James
Ki James
November 15th, 2021
surgery-room

The pandemic hit the American medical infrastructure hard over the last two years; however, it’s not the only threat our hospitals face. Increasingly, vital life-saving facilities are attacked by malicious actors seeking to extract capital from vulnerable targets.

That being said, why are hospitals such easy targets, and how bad is the problem?

Why Hospitals?

Hospitals often have hundreds of staff members, many of which engage with technology on a regular basis. Despite this fact, they often aren’t the most technically savvy. As a result of this, things like phishing scams to install ransomware are a very attractive option to any would-be hackers.

The problem goes deeper than that.

Over the last several years, cyberattacks on hospitals were actually relatively low for comparable industries; however, the number of attacks have quadrupled over 2020. According to a report from Sophos:

This is likely because of the financial and resource challenges that healthcare IT faces. These teams are commonly understaffed, and they were particularly stretched last year due to the pandemic. At the same time, many healthcare organizations don’t want to divert funds to cybersecurity when those funds could be used to buy medical resources that more directly relate to patient care. Another possible factor contributing to the higher impact of ransomware on healthcare is legacy equipment that is difficult to update or patch, providing easy entry points for attackers.

In other words, understaffed IT crews working with deprecated technology during an unprecedentedly strenuous time on the hospital system make for a serious problem.

How bad is it?

A 2021 report from Cenisnet investigating the significance of these attacks found some truly shocking results. They found that, as a direct result of the attacks, 25% of hospitals reported that their death rates increased.

With the numbers of attacks increasing, these death rates are sure to result in otherwise totally preventable human lives.

Easy solutions?

Expanding funding to IT departments and training employees to recognize and avoid attacks would go a long way to prevent the problem. Additionally, even mainstream media coverage bringing attention to the problem can motivate hospital administrators to update their software, and take steps to stop this problem from getting worse.