Strategic insight for health IT leaders

Sergey Nivens - Fotolia

For CIOs, hospital cyberattacks present a likely threat

Cybercriminals have a greater likelihood of hitting hospitals than the community assaults envisioned after the 9/11 attacks. But technology is better poised to defend against them.

Just days after three hijacked planes flew into the World Trade Center towers and the Pentagon in 2001, I remember hospital officials telling me that every U.S. healthcare facility needed to prepare for how they'd react if a terror attack hit their community.

Fast forward 15 years, and some hospitals have indeed needed to enact such response plans -- for example, at medical centers in Boston; Orlando; and San Bernardino, Calif., after terror attacks in those cities.

But I argue that there's a far greater threat lurking in the world's networks as cybercriminals attempt to carry out hospital cyberattacks. Whether it's a terrorist, foreign country or plain old thief, stealing patient data takes far fewer resources and coordination than a physical attack on a building or city. And unlike the latter scenario, all hospitals are likely to experience the former at some point.

January's issue of SearchHealthIT's Pulse examines cybersecurity from several angles in the hopes of giving healthcare CIOs and IT professionals more ideas on how to avert -- and respond to -- a cyberattack.

News Writer Kristen Lee, with the help of three experts, probes directly into the problem by examining technologies to prevent and detect hospital cyberattacks. My favorite approach is the honeypot, which lures criminals to a fake server, akin to a digital mousetrap.

My favorite approach is the honeypot, which lures criminals to a fake server, akin to a digital mousetrap.

Meanwhile, Shaun Sutner, news and features writer, explores a past year's worth of assaults on hospital networks and data. The good news, Sutner reports, is that health IT security spending is poised to nearly double this year, according to research from the Ponemon Institute.

Contributor Reda Chouffani rounds out this issue with a look at five technological reasons hospitals remain targets for ransomware attacks. During such incidents, health data is held hostage until executives pay the perpetrator in cryptocurrency.

Having been a newspaper reporter in my early career, I know any kind of large-scale incident -- including hospital cyberattacks -- generates news coverage, and not the good kind. I hope our tips and information help keep your organization out of the headlines.

Article 4 of 4

Next Steps

Q&A: Cybersecurity for medical imaging systems

Homeland Security alerts hospitals about ransomware

Guide to better guard patient data

Dig Deeper on Electronic medical records security and data loss prevention

Get More Pulse

Access to all of our back issues View All