Malware. Ransomware. As if there wasn’t enough to plan for as you develop your security strategy, this week brings to attention another threat called killware.
In a USA Today interview, Homeland Security Secretary Alejandro Mayorkas revealed that hackers breached a water system in February with the sole intent to distribute contaminated water to Florida residents. Mr Mayorkas stated that this attack wasn’t for financial gain, but instead was solely for personal harm. Something they are seeing a significant rise in as hackers search for ways to infiltrate the nation’s infrastructure.
Instead of targeting data and digital technology, killware targets operational technology. Hackers aren’t looking at infiltrating systems for medical information or account profiles. Instead, they poke holes in critical infrastructure, trying to find ways of taking down the entire system.
Depending on the system they take down, that can lead to loss of life.
As hospitals and other medical practices become more reliant on technology, they expect AI and other systems to deliver patient care. When any security threat shuts down a medical professional's access to the system, it can increase the risk for patients that depend on that system for daily care.
An Alabama woman recently filed a wrongful death suit against a local medical center, claiming her baby daughter died after a ransomware attack shut down the hospital’s computer network. The lawsuit claims that without proper monitoring systems, the at-risk baby died when the nursing station wasn’t alerted to a sudden problem with the baby’s health.
While the child’s care might not have been the original target, the results were just as deadly.
In healthcare, practices and organizations often understand enough about cybersecurity to shore up PHI and other health records. It’s the focus of security for most medical businesses, large and small.
But what many forget is that hackers look for ease. Why break a lock on the front door when a side window is wide open? Medical device cybersecurity often provides an easy entry point for hackers. Implantable defibrillators, insulin pumps, and other critical devices can all be accessed via a network. And once a hacker is in and takes down a system, the entire medical service may be at risk.
The best way to prevent any cybersecurity attack is to create a strategy and have it in place before potential problems arise. Have you thought about:
- How will you identify where your greatest risks are and how you’ll fix them?
- How will you protect your systems from being attacked in the first place?
- How will you detect hacking attempts and the process you’ll use to gain control?
- How will you respond once an attack occurs?
- How will you recover, no matter how big or small the problem is?
Creating a plan before you face issues is the best way to be prepared for anything that comes your way.
For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.