Increase in ransomware attacks to healthcare's vulnerable remote access systems threatens patients: ECRI

Press releases may be edited for formatting or style | April 12, 2024 Business Affairs
PLYMOUTH MEETING, Pa., April 12, 2024 /PRNewswire/ -- Ransomware groups are increasingly targeting vulnerable remote access systems in healthcare, with several high-profile incidents in recent months. Ransomware attacks can cripple a hospital's ability to serve patients by cutting off access to or manipulating essential technologies and patient data. Hackers can exploit remote systems to divert emergency vehicles, cancel appointments, and in worst-case scenarios, shut down entire facilities.

It's common for hospitals to grant remote access to their networks, including for hybrid or remote employees, for physicians accessing patient records, and for radiologists reading studies. Vendors are also given access to remote hospital systems to run financial operations, such as bill payments, or to support medical devices, IT systems, or physical plant/HVAC systems. Attackers can exploit these entry points—gaining access to and moving throughout the network—if remote access systems are not protected.

"The consequences of these attacks can be devastating: vital medical records held hostage, treatment plans in disarray, and potentially deadly delays in care," said Marcus Schabacker, MD, PhD, president and CEO of ECRI. "Each unchecked vulnerability is a threat to patient safety. To grow complacent about cybersecurity in healthcare is to play fast and loose with patients' lives."

"Although we're seeing an uptick in ransomware that targets remote access, this threat is not new," added Schabacker. "ECRI has called out cybersecurity issues in our annual top ten hazards list every year since 2018 – with hackers exploiting remote access topping the list in 2019. It's alarming that the issue has only worsened in the years since."

ECRI's recent report includes recommendations for healthcare leaders to address ransomware attacks on remote access systems:

Ensure that Internet-facing systems (e.g., remote access systems, VPNs) are configured securely and that security updates are applied.
Routinely scan perimeter networks for vulnerabilities. The Cybersecurity & Infrastructure Security Agency (CISA) offers vulnerability scanning to health delivery organizations (HDOs) at no cost: https://www.cisa.gov/cyber-hygiene-services
Routinely audit against the CISA Known Exploited Vulnerabilities (KEV) catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Prioritize remediation of any systems affected by vulnerabilities listed in the KEV catalog.