How much trust do we place in our healthcare systems to save lives? What happens when cybercriminals bring those systems to a halt? Ransomware attacks on healthcare organizations aren’t just about stolen data—they can delay treatments, misdiagnose conditions, and even result in tragic loss of life.

🚨 Key insights from real-life stories of ransomware’s impact on healthcare:

🔑 Lives lost due to delays: A newborn’s death at Springhill Medical Center and a critical patient’s death in Dusseldorf showcase the deadly consequences.
🔑 Chaos and misdiagnoses: When systems are down, healthcare workers are forced into error-prone manual processes, increasing risks for patients.
🔑 Healthcare as a prime target: Cybercriminals exploit healthcare’s reliance on technology, knowing that hospitals often pay to regain access.

The takeaway: Investing in robust cybersecurity isn’t just a tech priority—it’s a life-saving necessity.

👉 Let’s discuss: What proactive steps should SMB healthcare organizations take to protect their patients from ransomware’s devastating effects?

#CyberSecurity #Healthcare #Ransomware #PatientSafety #Leadership #DataProtection
How Cyberattacks Affect Patient Care
Summary
Cyberattacks on healthcare systems have severe implications beyond data breaches. They disrupt critical medical services, delay treatments, lead to diagnostic errors, and can even result in loss of life. These attacks exploit the healthcare sector's reliance on digital systems, affecting patient care and trust.
- Prioritize cybersecurity measures: Invest in robust security frameworks and regularly update systems to protect against ransomware and other cyber threats.
- Establish incident response readiness: Develop and practice a comprehensive incident response plan to minimize disruptions to patient care in the event of an attack.
- Focus on staff training: Educate healthcare staff on identifying potential phishing attempts, managing sensitive data securely, and responding effectively during a cyberattack.
-
Tales from the CyberSecurity Interview Files: Misaligned IAM Roles in Healthcare

Here’s a scenario that still has me shaking my head. Not too terribly long ago, I spoke with a recruiter about an IAM consultant position supporting a large healthcare client. As I always do, I asked the hard questions: What operational phase does the client need this consultant to work in? How will responsibilities be divided to avoid conflicts of interest? The recruiter’s response? Crickets. Not only could they not answer, but they also made a point to tell me I was the only candidate who had even asked.

Here’s the kicker - the role combined conflicting responsibilities across architecture, engineering, and analyst functions. And when we’re talking about IAM in healthcare—an environment where every second matters—that’s not just a poorly scoped job; it’s a recipe for disaster.

There are REAL Risks when IAM Roles in Healthcare are Misaligned. This isn’t just about the consultant. This is about the patients and hospital staff who rely on these systems to do their jobs and save lives:

1️⃣ Patients’ Lives at Stake: If a clinician can’t access critical systems during an emergency, the delay can mean the difference between life and death. Poorly designed IAM solutions leave systems vulnerable to breaches, jeopardizing sensitive patient data.
2️⃣ Healthcare Staff Under Pressure: Frustrating workflows and access delays take time away from patient care and add unnecessary stress to already overburdened teams. Poor privilege management puts staff credentials at risk, making them easy targets for phishing or ransomware attacks.
3️⃣ Ransomware Chaos: Misaligned systems create vulnerabilities that attackers exploit. When ransomware takes down systems, everything—from surgery schedules to life-saving devices—grinds to a halt.
4️⃣ Erosion of Trust: Patients expect their records to be secure and accessible. A breach not only harms the individual but also undermines public trust in the entire healthcare system.

What's the moral of the story? IAM in healthcare is not just another technical project. It’s a lifeline. The stakes couldn’t be higher, which is why it's VITAL to prioritize these key focus points...

Clarity of Roles: Define responsibilities to avoid conflicts of interest and ensure effective execution.
Patient-Centered Solutions: Design SOLUTIONS that empower healthcare teams to act fast, securely, and with confidence.
Trust at the Core: Protect patient data to maintain the integrity of the patient-provider relationship.

The recruiter may not have appreciated my questions, but they revealed something critical... a lack of preparedness can rip through an entire organization, putting patients, staff, and even public health at risk.

What’s your take? Have you seen IAM challenges like this in healthcare or other critical industries? Let’s discuss.

#CyberSecurity #IdentityMob #BusinessRisk #SellingSolutions #PatientSafety #ZeroTrust #CleverGirl
-
Cybersecurity in healthcare isn’t just an IT issue—it’s a catastrophe for national security. Christian Dameff, MD, an emergency physician and cybersecurity director at UC San Diego Health, says healthcare institutions are seeing ransomware attacks almost weekly. These breaches aren't just a goldmine for sensitive patient data—they're crippling healthcare providers' ability to actually treat patients. As I've written about before, the Feb 2024 BlackCat/ALPHV cyberattack on Change Healthcare left over 900K physicians, 33K pharmacies, and 5K hospitals in turmoil. Six months later, the fallout still reverberates. And we're only at the beginning of what's to come. We're in the midst of an industry-wide emergency, and no one's sounding the alarm. Last Wednesday, American Hospital Association reported that the infamous ransomware group Everest is targeting healthcare. Per the AHA, Everest acts as "initial access brokers," selling compromised account access to attackers (using legit cybersecurity tools like Cobalt Strike). Ardent Health Services, Prospect Medical Holdings, and Lurie Children’s Hospital have also been hacked, to name a few off the top of my head. With consolidation making it easier, finding a loophole in Epic’s software—dominating 89% of the US acute care EHR market—lets hackers pick off hospitals one by one. The financial and patient care impacts are dire. The average cost of a healthcare breach is $10.10M (!), the highest of any industry (think: regulatory fines, legal fees, reputational damage, and loss of patient trust). As for patient care, cyberattacks can halt surgeries and disrupt care, as seen in the CommonSpirit Health ransomware case, which allegedly cost a life. If we allow cyberattacks to fester, they could turn into a national security threat from a military and/or critical infrastructure standpoint. The government must act now. If we don’t, we risk financial ruin and the safety of millions of Americans. 
-
Russian cyberattacks against hospitals are now a weekly occurrence and are wreaking havoc for patients and all those who work in the sector. But Russia's cyberwar against the weak, the sick, and those in need of medical attention is literally killing patients. The 'Black Basta' Russian cyberattack against the Ascension Health system has caused dangerous medication mix ups including patients administered narcotics by mistake, leading to an admission to intensive care for life-threatening breathing difficulties. In another case, a female patient suffered a cardiac arrest and died after data mishaps delayed test results that would determine her life-saving treatment. Elsewhere, a nurse working for the Kansas branch of the major medical group recalled a 'near miss,' which involved him almost administering a potentially life-threatening dose of narcotic to a baby — because of confusing paperwork. Employees at Ascension, a Catholic healthcare system with more than 140 facilities across the country, said these patients are just some of those suffering from the continued fallout of a cyberattack last month. The healthcare giant 'detected unusual activity' across its networks, which left doctors and nurses locked out of digital systems and unable to access vital details about patients' care. https://lnkd.in/g5sQDZrn
-
Today Microsoft Threat Intelligence released a new report that sheds light on the current healthcare threat landscape associated with ransomware attacks, and the numbers are alarming across the board.

• Healthcare is a prime target: The healthcare/public health sector was one of the top 10 most impacted industries in the second quarter of 2024.
• Surge in ransomware attacks: There has been a 300% increase in ransomware attacks since 2015.
• Financial impact: Healthcare organizations lose up to $900,000 daily on downtime alone during a ransomware attack.
• Ransom payments: Out of 99 healthcare organizations that admitted to paying ransoms, the median payment was $1.5 million, with an average payment of $4.4 million.
• Patient care impact: Ransomware attacks can severely affect patient care, including:
  • 113.6% increase in confirmed stroke cases at nearby unaffected hospitals
  • 81% increase in cardiac arrest cases
  • Significant drop in survival rates for out-of-hospital cardiac arrests with favorable neurological outcomes (from 40% pre-attack to 4.5% during the attack)
-
🚨 Ransomware shuts down 14 hospitals. Staff revert to pen + paper. Scam calls follow within hours 😳

That’s what unfolded at Kettering Health (a major health system in Ohio with 14 hospitals and 120 outpatient facilities) before Memorial Day weekend — a stark reminder that healthcare technology is still dangerously exposed to cyber threats.

Here’s what we should all be paying attention to:

✅ Healthcare’s digital backbone is fragile. One attack took down a health system serving an entire region — 14 medical centers and 120 outpatient facilities!
✅ Cyberattacks now come with a playbook. Interlock, the ransomware group behind this, doesn’t just lock data — they steal it, leak it, and exploit patient fear to pressure victims into paying up.
✅ Ransomware attacks in healthcare are not isolated events anymore. Interlock has also attacked DaVita, Ascension, Texas Tech University Health Sciences Center, and multiple behavioral health and public agencies. Per a Federal Bureau of Investigation (FBI) report, the health sector reported more than 440 ransomware attacks and data breaches in 2024 (highest amount of all critical infrastructure sectors).
✅ Scammers moved in fast. Within hours, fake calls mimicking Kettering Health were targeting patients for payment.
✅ Preparedness helped — but only so much. Staff had downtime procedures and quickly pivoted, but canceling procedures and operating without critical systems shows the real cost of reactive cybersecurity.

My hot take: This IS NOT just a technology issue — it is a patient safety and public trust issue. If you are in healthcare leadership or health IT, this is your signal: cyber resilience has to be part of patient care planning. Act now!

🔍 What’s one measure you believe every health system should implement this year to guard against ransomware? Please let me know in the comments below - love to learn!

#Healthcare #Technology #LIPostingDayMay
-
Still think ransomware is just an “IT problem”? Consider this:

During a ransomware attack, in-hospital mortality goes up about 20 to 35% for patients admitted to a hospital undergoing an attack. Six in 10 health care providers have been hit by ransomware attacks in the last year.

In 2020, a ransomware attack forced a hospital in Düsseldorf, Germany, to close its emergency department, and a patient died in an ambulance while being rerouted to another hospital.

Also in 2020, a woman sued an Alabama hospital after the death of her newborn baby, alleging that doctors failed to carry out critical pre-birth testing due to a cyberattack on the hospital, which meant the baby was born with the cord around its neck. This led to brain damage and — a few months later — the baby’s death, she argued.

And now, hospitals in at least three states are diverting patients from their emergency rooms after a major cyberattack hit their parent company last week.

The catastrophic harm ransomware attacks cause to organizations across all sectors cannot be overstated. From a purely financial perspective, the average cost of a ransomware attack is $4.3 million — and that is without paying the ransom.

Organizations in every industry are being targeted, which means every organization needs to be prepared. How? Start by asking these questions:

- Do we have an incident response plan?
- Who is on our incident response team?
- Have we drilled our plan in a realistic exercise?
- What are our regulatory requirements?
- Who is our cybersecurity attorney?
- Who is our digital forensics investigation firm?
- Do we have adequate insurance?
- Are we prepared?

If you can’t confidently answer these questions, reach out to the cyber team at Buchanan Ingersoll & Rooney PC. We can help. We are an Authorized Breach Coach law firm. Our attorneys and security engineers specialize in cybersecurity preparedness and incident response and are available to assist 24/7.

Experiencing an incident or want to learn more?
Email us at cyber@bipc.com #cyber #cybersecurity #ransomware
-
In 2017 when I was a fresh-faced cybersecurity lawyer full of whimsy about how cool the practice was, Grey's Anatomy aired an episode about a ransomware attack closing down Grey Sloane Memorial Hospital. I remember thinking - this is going to happen one day. Over Thanksgiving, a ransomware attack on a Tennessee-based healthcare company forced hospitals in New Jersey, New Mexico and Oklahoma to reroute ambulances to other healthcare facilities and re-schedule non-emergency surgeries. This isn't the first time. In fact, NPR covered this issue last month. On that segment, Hannah Neprash, a health economist at University of MN, reported that in-hospital mortality goes up about 20 to 35% for patients who have the misfortune to be admitted to a hospital when that hospital goes through a ransomware attack. https://lnkd.in/gw5QqCPr Don't be fooled into thinking ransomware isn't a matter of life or death. This latest attack is a perfect example of how it can be. https://lnkd.in/gTVAfTGS
-
Sadly, this is not a wake-up call. That call already happened last year, when the Akumin/Alliance breach crippled radiology services for almost a thousand hospitals in America. Now a similar chapter is being written in Minnesota, where another shared radiology provider has been attacked. When this happens, hospitals divert patients. When hospitals divert patients, and those patients are in urgent need of care, they can die. Hospitals are learning in the hardest way possible the importance of third party risk management, in addition to the already daunting proposition of defending their own house from cyber threats. Few hospitals in this country are properly staffed to put their arms around all of this and do it well. We are in the hardest part of the timeline for healthcare cybersecurity right now.