In 2023, over 100 million people have been affected by healthcare cyberattacks, marking the worst year in history for such incidents. John Riggi, National Cybersecurity Advisor for the American Hospital Association (AHA), states that even though the quantity of attacks hasn’t risen significantly from previous years, the damage and scale of each attack has increased drastically.
- Approximately 106 million individuals have been impacted by cyber instances in the healthcare sector. This figure is more than double the number of those affected in 2022.
- Ransomware attacks continue to threaten major healthcare institutions, with records of over 11 million patients being compromised during an attack on HCA Healthcare earlier in the year.
- Decisions to delay treatments, transfer patients to other facilities, and temporarily divert services are some of the immediate negative effects of these attacks.
- Federal authorities are treating cyberattacks aimed at such organizations as a “threat to life,” given the direct impact these incidents have on immediate patient care and safety.
In terms of infrastructure, Riggi claims that no healthcare system is immune to attacks, regardless of their size and resources. He points out that the attackers have found success in targeting large volumes of data, creating a high-stakes scenario for the sector.
Ransomware groups are using a double-tiered extortion method by encrypting networks and exfiltrating data simultaneously. Riggi indicates that hackers are swiftly identifying software vulnerabilities and exploiting them before they can be patched.
The government has been urged to take a more aggressive stance against cybercriminals. Riggi suggests a “whole-of-government approach” that includes cooperation from military, intelligence, and law enforcement entities to interdict hackers’ finances and impose significant risks and consequences.
Cybersecurity is now a pressing concern among healthcare leaders, who recognize the potential harm of these attacks. The role of artificial intelligence (AI) is also coming to the forefront in managing these threats. Riggi believes that AI tools can accelerate vulnerability detection and patching while cautioning that criminals are also utilizing AI to enhance their attack strategies.