Lives at Risk: The Frightening Worst-Case Scenario of a Healthcare Data Breach


I follow a number of healthcare IT industry media outlets like Health Data ManagementFierceHealthcare and Healthcare IT News, and have presented at healthcare conferences. Most of the articles I read and the conversations I’ve had were data-driven and examined cybersecurity from an IT professional’s perspective. Because I’m so close to the industry and the challenges it faces, I sometimes feel like I’ve grown immune to the seemingly endless news headlines on the latest data breaches. That’s why I found a recent article in The Verge so scary. It puts a human face on the consequences of a breach.

Nicole Wetsman’s article, “Healthcare’s Huge Security Problem”, doesn’t waste any space on background like the financial or legal ramifications of a breach, or examining the effectiveness of various cybersecurity products. It begins by setting a frightening scene:

The patient lying on the emergency room table in front of Paul Pugsley was having a stroke. Time was running out. Pugsley, an emergency medicine resident at Maricopa Medical Center, knew he needed to send the patient for a CT scan. But when Pugsley looked over at the computer screen at the side of the room, he saw a pop-up message demanding bitcoin payment. A few minutes later, he was told that the same message had shut down the scanner — he’d have to help the patient without knowing whether the stroke was caused by a bleed or a clot, information that’s usually vital to the course of treatment.

After a few minutes of frantic workarounds, the patient — actually a medical test dummy — was wheeled out of the room (prognosis: survival, but serious brain damage). The flashing ransom note was part of a simulation, designed to expose physicians like Pugsley to the very real threat of cyberattacks on their hospitals.

Thankfully that scenario was just a simulation, and it’s reassuring to learn a medical facility is putting its employees through this kind of training. Because it’s not a hypothetical scenario, as the 2017 WannaCry ransomware attack taught us when it essentially shut down the United Kingdom National Health Service’s IT systems, among all the other damage it inflicted on organizations worldwide.

The healthcare industry is under siege. Wetsman reports that Sutter Health, a Northern California health care system, was targeted with 87 billion cyber attacks in just 2018 and “deals with countless cyberattacks daily”. According to the Ponemon Institute, 90 percent of all healthcare organizations have been breached in the past two years, and 45 percent have had more than five breaches.

In addition to using ransomware to prevent access to systems to extort money, electronic healthcare records are worth a lot of money to thieves. They can be sold for much higher prices than stolen financial records like credit card numbers on the black market. That doesn’t mean employees’ sensitive information aren’t at risk too. HealthcareInfoSecurity’s Marianne Kolbasuk McGee recently reported on two separate breaches where the attackers’ motivations were to steal payroll and other financial information.

Wetsman examines a number of issues the industry is grappling with, including trying to secure older systems whose manufacturers are no longer in business, the increasing adoption of smart Internet of Things (IoT) devices attached to providers’ networks and systems, and the shortage of skilled cybersecurity professionals that is affecting all industries. Our own research reveals that today’s antivirus solutions are susceptible to both unknown, new threats as well as old malware. Really, really old. Think ILOVEYOU, circa 2001.

There’s no way healthcare organizations can hide from hackers, or even prevent all malware from slipping past their defenses. But they can prevent those attacks from causing any damage to systems or data. Read our Healthcare Solution Brief to learn how.

Additionally, Nyotron will be at a number of upcoming cybersecurity conferences and trade shows, including the Cyber Security Summit in Philadelphia later this month, secureCISO in Houston on May 2nd, SC Media’s RiskSec 2019 in Philly on May 8th, and the Gartner Security & Risk Management Summit in National Harbor, Md. on June 17-20.


We welcome the opportunity to meet you in person, and you can connect with us before or during these events on LinkedIn and Twitter.

Rene Kolga is Senior Director of Product and Marketing at Nyotron, the developer of PARANOID, the industry’s first OS-Centric Positive Security solution to strengthen your AV or NGAV protection. By mapping legitimate operating system behavior, PARANOID understands all the normative ways that may lead to damage and is completely agnostic to threats and attack vectors. When an attack attempts to delete, exfiltrate or encrypt files (among other things), PARANOID blocks them in real-time.

No posts to display