News, Analysis, Trends, Management Innovations for
Clinical Laboratories and Pathology Groups

Hosted by Robert Michel

News, Analysis, Trends, Management Innovations for
Clinical Laboratories and Pathology Groups

Hosted by Robert Michel
Sign In

IT Experts Demonstrate How AI and Computer Microphones Can Be Used to Figure Out Passwords and Break into Customer Accounts

Clinical laboratories and pathology groups should be on the alert to this new digital threat; telehealth sessions and video conferencing calls particularly vulnerable to acoustic AI attacks

Banks may be the first to get hit by a new form of hacking because of all the money they hold in deposit accounts, but experts say healthcare providers—including medical laboratories—are comparably lucrative targets because of the value of patient data. The point of this hacking spear is artificial intelligence (AI) with increased capabilities to penetrate digital defenses.

AI is developing rapidly. Are healthcare organizations keeping up? The hackers sure are. An article from GoBankingRates titled, “How Hackers Are Using AI to Steal Your Bank Account Password,” reveals startling new AI capabilities that could enable bad actors to compromise information technology (IT) security and steal from customers’ accounts.

Though the article covers how the AI could conduct cyberattacks on bank information, similar techniques can be employed to gain access to patients’ protected health information (PHI) and clinical laboratory databases as well, putting all healthcare consumers at risk.

The new AI cyberattack employs an acoustic Side Channel Attack (SCA). An SCA is an attack enabled by leakage of information from a physical computer system. The “acoustic” SCA listens to keystrokes through a computer’s microphone to guess a password with 95% accuracy.

That’s according to a UK study published in IEEE Xplore, a journal of the IEEE European Symposium on Security and Privacy Workshops, titled, “A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards.”

“With recent developments in deep learning, the ubiquity of microphones and the rise in online services via personal devices, acoustic side channel attacks present a greater threat to keyboards than ever,” wrote UK study authors Joshua Harrison, MEng, Durham University; Ehsan Toreini, University of Surrey; and Maryam Mehrnezhad, PhD, University of London.

Hackers could be recording keystrokes during video conferencing calls as well, where an accuracy of 93% is achievable, the authors added.

This nefarious technological advance could spell trouble for healthcare security. Using acoustic SCA attacks, busy healthcare facilities, clinical laboratories, and telehealth appointments could all be potentially compromised.

“The ubiquity of keyboard acoustic emanations makes them not only a readily available attack vector, but also prompts victims to underestimate (and therefore not try to hide) their output,” wrote Joshua Harrison, MEng (above), and his team in their IEEE Xplore paper. “For example, when typing a password, people will regularly hide their screen but will do little to obfuscate their keyboard’s sound.” Since computer keyboards and microphones in healthcare settings like hospitals and clinical laboratories are completely ubiquitous, the risk that this AI technology will be used to invade and steal patients’ protected health information is high. (Photo copyright: CNBC.)

Why Do Hackers Target Healthcare?

Ransomware attacks in healthcare are costly and dangerous. According to InstaMed, a healthcare payments and billing company owned by J.P. Morgan, healthcare data breaches increased to 29.5% in 2021 costing over $9 million. And beyond the financial implications, these attacks put sensitive patient data at risk.

Healthcare can be seen as one of the most desirable markets for hackers seeking sensitive information. As InstaMed points out, credit card hacks are usually quickly figured out and stopped. However, “medical records can contain multiple pieces of personally identifiable information. Additionally, breaches that expose this type of data typically take longer to uncover and are harder for an organization to determine in magnitude.”

With AI advancing at such a high rate, healthcare organizations may be unable to adapt older network systems quickly—leaving them vulnerable.

“Legacy devices have been an issue for a while now,” Alexandra Murdoch, medical data analyst at GlobalData PLC, told Medical Device Network, “Usually big medical devices, such as imaging equipment or MRI machines are really expensive and so hospitals do not replace them often. So as a result, we have in the network these old devices that can’t really be updated, and because they can’t be updated, they can’t be protected.”

Vulnerabilities of Telehealth

In “Penn Medicine Study Shows Telemedicine Can Cut Employer Healthcare Costs by 25%,” Dark Daily reported a study conducted by the Perelman School of Medicine at the University of Pennsylvania (Penn Medicine) which suggested there could be significant financial advantages for hospitals that conduct telehealth visits. This, we projected, would be a boon to clinical laboratories that perform medical testing for telemedicine providers.

But telehealth, according to the UK researchers, may also be one way hackers get past safeguards and into critical hospital systems.

“When trained on keystrokes recorded using the video-conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium. Our results prove the practicality of these side channel attacks via off-the-shelf equipment and algorithms,” the UK researchers wrote in IEEE Xplore.

“[AI] has worrying implications for the medical industry, as more and more appointments go virtual, the implications of deepfakes is a bit concerning if you only interact with a doctor over a Teams or a Zoom call,” David Higgins, Senior Director at information security company CyberArk, told Medical Device Network.

Higgins elaborated on why healthcare is a highly targeted industry for hackers.

“For a credit card record, you are looking at a cost of one to two dollars, but for a medical record, you are talking much more information because the gain for the purposes of social engineering becomes very lucrative. It’s so much easier to launch a ransomware attack, you don’t even need to be a coder, you can just buy ransomware off of the dark web and use it.”

Steps Healthcare Organizations Should Take to Prevent Cyberattacks

Hackers will do whatever they can to get their hands on medical records because stealing them is so lucrative. And this may only be the beginning, Higgins noted.

“I don’t think we are going to see a slowdown in attacks. What we are starting to see is that techniques to make that initial intrusion are becoming more sophisticated and more targeted,” he told Medical Device Network. “Now with things like AI coming into the mix, it’s going to become much harder for the day-to-day individual to spot a malicious email. Generative AI is going to fuel more of that ransomware and sadly it’s going to make it easier for more people to get past that first intrusion stage.”

To combat these attacks patient data needs to be encrypted, devices updated, and medical staff well-trained to spot cyberattacks before they get out of hand. These SCA attacks on bank accounts could be easily transferable to attacks on healthcare organizations’ patient records.

Clinical laboratories, anatomic pathology groups, and other healthcare facilities would be wise to invest in cybersecurity, training for workers, and updated technology. The hackers are going to stay on top of the technology, healthcare leaders need to be one step ahead of them.

—Ashley Croce

Related Information:

How Hackers Are Using AI to Steal Your Bank Account Password

A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards

AI Can Steal Passwords with 95% Accuracy by ‘Listening’ to Keystrokes, Alarming Study Finds

New ‘Deep Learning Attack’ Deciphers Laptop Keystrokes with 95% Accuracy

Can A.I. Steal Your Password? Study Finds 95% Accuracy by Listening to Keyboard Typing

Ransomware in Healthcare: What You Need to Know

Hospital 2040: How Healthcare Cybercrime is Predicted to Escalate

30 Crucial Cybersecurity Statistics (2023): Data, Trends and More

Penn Medicine Study Shows Telemedicine Can Cut Employer Healthcare Costs by 25%

Nearly One Million Patient Records of Hospitals, Health Clinics, Medical Laboratories, and other Providers Stolen in Ransomware Attack on Medical Records Company

Clinical labs should proactively investigate how a vendor will respond to a data security incident and how quickly, says expert

Clinical laboratory managers in New York and surrounding areas should be aware that  almost one million protected health information (PHI) records from as many as 28 healthcare providers appear to have been stolen from a medical records company that services these providers.

Practice Resources LLC (PRL), a company that provides billing services for dozens of hospitals and medical providers in Central New York, announced in August they were the target of a ransomware attack that occurred on April 12 of this year. The Syracuse-based organization stated that hackers may have captured personally identifiable information (PII) such as names, home addresses, treatment dates, health plan numbers, and internal account numbers of 934,138 patients.

The data breach affected the patient records of dozens of medical providers and the clinical laboratories that service them, as well as physical therapists, pediatricians, gynecologists, orthopedic surgeons, and more.

Dark Daily’s sister publication The Dark Report covered a similar 2019 data breach in “Labs Should Heed Lessons from Huge Data Breach.”

Jim Giszczak, JD

“When a lab’s vendor has some type of breach, the lab entity that provided the compromised information could have some liability related to the breach,” explained Jim Giszczak, JD (above), McDonald Hopkins, in an interview with The Dark Report over a similar data breach in 2019. “That’s why every lab should be proactive and do a review to understand each vendor’s policies, procedures, training, and response in the event of a breach. Because your lab needs to know how a vendor will respond to a data security incident, and importantly, how quickly it will respond, it’s critical for lab officials to review the contracts they have with vendors that acquire, or have access to, PHI.” (Photo copyright: McDonald Hopkins.)

Not a Scam

“Unfortunately, it’s not a scam,” stated David Barletta, President and CEO of PRL, in an interview with local Syracuse news WSYR. “This really did happen in April—there was a ransomware attack on our system. We brought in forensic accountants and forensic information teams to come and look at what happened.”

PRL sent out more than 940,000 letters to potential victims of the cyberattack in August, noting that some patients may receive more than one letter.

The complete list of “healthcare entities on whose behalf Practice Resources LLC is providing notice of data incident,” according to PRL, includes:

Although their investigation did not uncover any evidence that personal data was misused, PRL has arranged credit monitoring services free of charge for one year from the date of enrollment. The company is also offering proactive fraud assistance to help people with any questions or in case they become a victim of fraud.

“There were no patient social security numbers that were taken. No medical record information was taken,” Barletta told WSYR. “We really, just out of an abundance of caution, felt that it was necessary that we provide them with credit monitoring for a year—just in case.”

Hundreds of Thousands of Patients Affected by Breach

When PRL discovered the data breach, the company took immediate steps to secure its systems and scrutinize the nature and extent of the incident. They then hired a forensic team to investigate what patient data may have been accessed by the hackers, a process that took several months.  

“It does take a long time because each client has hundreds of thousands of patients maybe,” Barletta explained. “We have several large clients that really bore the brunt of this.”

According to Barletta, PRL bills about $450 million annually for its clients, which include some major institutions in Central New York. The New York state Attorney General’s office is investigating the hacking incident and delving into whether PRL’s data security was adequate. 

As a result of the breach, FamilyCare Medical Group, which serves more than 80 physicians and thousands of patients, lost all of its laboratory data, according to the group’s CEO, Mitchell Brodey, MD. They had to close their lab for several months while their computer system was rebuilt. During this time, all their lab work was sent to another laboratory for analysis, MSN reported

The PRL ransomware attack was what is commonly known as a third-party data breach. This type of breach occurs when sensitive data is stolen from a third-party vendor, or when their systems are used to access and steal sensitive information stored on other systems.

In the United States, the Federal Trade Commission (FTC) is responsible for enforcing federal privacy and data protection regulations. If a breach affects 500 or more individuals, the company must issue a press release and notify the FTC and all affected consumers within 60 days of the discovery of the breach.

Clinical Labs Should Proactively Review Member Agreements

In 2019, our sister publication The Dark Report covered a major data breach affecting more than 20 million patients. That breach occurred when hackers gained access to the data systems of a third-party bill collector and impacted four of the nation’s largest clinical laboratories:

At that time, The Dark Report asked James Giszczak, JD, Chair of the Litigation Department and Co-Chair of the Data Privacy and Cybersecurity Practice Group at McDonald Hopkins, to provide insight on what steps clinical laboratory leaders should take to avoid and handle data breaches.

“One important lesson from this data breach is how critical it is for clinical labs and pathology groups to be proactive in making sure they review their vendor agreements,” Giszczak stated. “In that review, labs need to know the specific measures each vendor is taking to protect the information the lab is providing to their vendors.”

Giszczak suggested that clinical laboratory leaders make sure they understand each vendor’s policies, procedures, training, and response in the event of a data breach. He reiterated that labs could have some liability related to the breach.

-JP Schlingman

Related Information:

Labs Should Heed Lessons from Huge Data Breach

Hackers May Have Breached Medical Billing Records of Nearly One Million CNY Patients

List of Healthcare Entities on Whose Behalf Practice Resources LLC Is Providing Notice of Data Incident

Practice Resources, LLC Announces Data Breach Impacting the Information of 924,138 Patients

PRL Data Incident Notification

Your Stories: The Letter from Practice Resources, LLC is Legit

Third Party Data Breach: How to Prevent and What to Do

Ransomware Attacks on Scripps Health, Universal, and Utah Pathology Services Show Hospitals and Health Systems Are Increasingly in the Crosshairs

Recent attacks illustrate how costly a security breach can be and why clinical laboratories and pathology groups must work to protect their information systems from ransomware attacks

Recent ransomware attacks on Scripps Health, Universal Health Services, and Utah Pathology Services clearly illuminate the vulnerabilities within the healthcare industry to being targeted. These attacks left patients’ protected health information (PHI) exposed and the healthcare organizations open to federal scrutiny and possibly fines or other punitive actions.

Therefore, it is crucial clinical laboratories and pathology groups have a cybersecurity strategy in place for dealing with ransomware attacks. Running security drills may need to be part of that strategy. Managers and employees should undergo specific training and vendors must be vetted carefully. Without such a strategy, the question is not if an attack will happen, but rather when an attack will succeed.

Ransomware Attackers are Getting Better

“Ransomware is increasing in sophistication; it’s increasing in prevalence. The purveyors of ransomware are generally reinvesting the fees that they collect from the entities they extort to acquire more capabilities,” Beau Woods, Senior Advisor at the federal Cybersecurity and Infrastructure Security Agency (CISA), told The San Diego Tribune.

“They’re getting better, they’re getting more frequent, particularly during the pandemic where we’ve opened up more connectivity to allow more remote work,” he added.

The Scripps Health attack is notable for several reasons, with one being the length of the outage it caused. The attack was first detected on May 1 of this year. It took four weeks before Scripps could restore most of its network and get its Epic EHR back online, Health IT Security reported.

However, the ransomware attack on Universal Health Services (NYSE:UHS) may be the biggest attack so far. It took place on September 27, 2020, and caused a three-week outage. The company told The San Diego Tribune the incident had a $67 million impact on operations.

According to HIPAA Journal, “The phone system was taken out of action, and without access to computers and electronic health records, employees had to resort to pen and paper to record patient information. In the early hours after the attack occurred, the health system diverted ambulances to alternative facilities and some elective procedures were either postponed or diverted to competitors. Patients reported delays receiving test results while UHS recovered from the attack.”

At Utah Pathology Services, an employee e-mail hack resulted in the potential exposure of patient data. The malicious actors attempted to divert funds intended for a physician but failed to do so. However, the information of 112,000 patients was accessible to the hacker during the attempt.

“The compromised data varied by patient but could include names, contact information, insurance details such as ID and group numbers, medical and health information like internal records numbers and clinical and diagnostic information, and some Social Security numbers,” Health IT Security reported.

Bryan-S.-Ware-and-Christopher-Krebs

“We are seeing adversaries that are targeting our pharmaceutical companies, pharmaceutical research, laboratory companies, testing and really even out into the future manufacturing of the vaccine systems,” Bryan S. Ware (above left) Assistant Director for Cybersecurity for the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) told CyberScoop. CISA Director Christopher Krebs (above right) added, “At the onset of the COVID-19 pandemic, we recognized just how vital the healthcare sector was to the response and we established Project Taken to bring to bear the government’s particular set of skills to protect those organizations.” (Photo copyrights: CyberScoop/Business Insider.)

Value of Patient Data on the Dark Web is Increasing

In the case of the Utah Pathology Services attack, the hackers were specifically after money. However, according to cybersecurity company SecureLink, patient records are “the new prize” for hackers. Healthcare data carries a value of its own on the digital black market. In fact, healthcare data is more valuable than credit card or banking data.

“Healthcare data is valuable on the black market because it often contains all of an individual’s personally identifiable information, as opposed to a single marker that may be found in a financial breach,” SecureLink wrote in a blog post.

In “Here’s How Much Your Personal Information Is Selling for on the Dark Web,” credit rating agency Experian estimated a stolen medical record could sell for between $1 and $1,000, while a Social Security number alone is worth about a dollar.

A 2018 Trustwave Global Security Report estimated that a healthcare record is worth about $250. Trustwave, however, estimated the value of a banking record at less than $5. That strongly suggests health records are increasing in value.

And even after a healthcare entity has regained control of its IT infrastructure, the hacker still has possession of the stolen patient information. It may take weeks or years for the hacker to sell that information, meaning the breach represents a continuing threat to the healthcare organization and its patients.

Clinical Laboratories Must Prepare for an Attack

Simply understanding the threat is not enough. Clinical laboratory and pathology group managers must have robust plans in place for both protecting patient information and for dealing with a security breach should one occur.

According to a Health IT Security report, “The ransomware attack that struck all 400 UHS care sites and caused three weeks of EHR downtime in September, cost the health system $67 million in recovery costs and lost revenue.”

The report added, “Security researchers have long-recommended the need for providers to shift into a proactive security model, like zero trust. Recent reports show successful cyberattacks on healthcare providers doubled in the last year, with at least 560 providers falling victim to ransomware.”

In “Three Federal Agencies Warn Healthcare Providers of Pending Ransomware Attacks; Clinical Laboratories Advised to Assess Their Cyberdefenses,” Dark Daily reported on an FBI, federal Department of Health and Human Services (HHS), and federal Cybersecurity and Infrastructure Security Agency (CISA) joint advisory (AA20-302A) that warned US hospitals, clinical laboratories, and other healthcare providers to prepare for impending ransomware attacks in 2020.

To deal with the ransomware attacks, we wrote, “CISA, FBI, and HHS advise against paying ransoms. ‘Payment does not guarantee files will be recovered,’ the advisory states. ‘It may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities.’ The federal agencies advise organizations to take preventive measures and adopt plans for coping with attacks.

“The advisory suggests:

  • Training programs for employees, including raising awareness about ransomware and phishing scams. Organizations should ‘ensure that employees know who to contact when they see suspicious activity or when they believe they have been a victim of a cyberattack.’
  • Regular backups of data and software. These should be ‘maintained offline or in separated networks as many ransomware variants attempt to find and delete any accessible backups.’ Personnel should also test the backups.
  • Continuity plans in case information systems are not accessible. For example, organizations should maintain ‘hard copies of digital information that would be required for critical patient healthcare.’”

Given the enormous amounts of money hackers can earn from selling protected health information on the Dark Web, it is a near certainty these attacks will continue. Clinical laboratory and anatomic pathology group managers would be well advised to plan for the inevitability that their health system will be targeted.

—Dava Stewart

Related Information:

It’s Not Just Scripps. Ransomware Has Become Rampant During Pandemic

Scripps Health Network Still Down, 2 Weeks After Cyberattack

Universal Health Services Ransomware Attack Cost $67 Million in 2020

112K Patients Impacted by Utah Pathology Services Email Hack

Healthcare Data: The New Prize for Hackers

Here’s How Much Your Personal Information Is Selling for on the Dark Web

Trustwave Global Security Report

UHS Ransomware Attack Cost $67M in Lost Revenue, Recovery Efforts

CISA Turns to Security Experts with Street Cred to Protect Health Sector

Three Federal Agencies Warn Healthcare Providers of Pending Ransomware Attacks; Clinical Laboratories Advised to Assess Their Cyberdefenses

Three Federal Agencies Warn Healthcare Providers of Pending Ransomware Attacks; Clinical Laboratories Advised to Assess Their Cyberdefenses

Sophisticated cyberattacks have already hit hospitals and healthcare networks in Oregon, California, New York, Vermont, and other states

Attention medical laboratory managers and pathology group administrators: It’s time to ramp up your cyberdefenses. The FBI, the federal Department of Health and Human Services (HHS), and the federal Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory (AA20-302A) warning US hospitals, clinical laboratories, and other healthcare providers to prepare for impending ransomware attacks, in which cybercriminals use malware, known as ransomware, to encrypt files on victims’ computers and demand payment to restore access.

The joint advisory, titled, “Ransomware Activity Targeting the Healthcare and Public Health Sector,” states, “CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers.” It includes technical details about the threat—which uses a type of ransomware known as Ryuk—and suggests best practices for preventing and handling attacks.

In his KrebsOnSecurity blog post, titled, “FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals,” former Washington Post reporter, Brian Krebs, wrote, “On Monday, Oct. 26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics, and medical care facilities across the United States. Today, officials from the FBI and the US Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an ‘imminent cybercrime threat to US hospitals and healthcare providers.’”

Krebs went on to reported that the threat is linked to a notorious cybercriminal gang known as UNC1878, which planned to launch the attacks against 400 healthcare facilities.

Clinical Labs, Pathology Groups at Risk Because of the Patient Data They Keep

Hackers initially gain access to organizations’ computer systems through phishing campaigns, in which users receive emails “that contain either links to malicious websites that host the malware or attachments with the malware,” the advisory states. Krebs noted that the attacks are “often unique to each victim, including everything from the Microsoft Windows executable files that get dropped on the infected hosts to the so-called ‘command and control’ servers used to transmit data between and among compromised systems.”

Charles Carmakal, SVP and Chief Technology Officer of cybersecurity firm Mandiant told Reuters, “UNC1878 is one of the most brazen, heartless, and disruptive threat actors I’ve observed over my career,” adding, “Multiple hospitals have already been significantly impacted by Ryuk ransomware and their networks have been taken offline.”

John Riggi (above), senior cybersecurity adviser to the American Hospital Association (AHA), told the AP, “We are most concerned with ransomware attacks which have the potential to disrupt patient care operations and risk patient safety. We believe any cyberattack against any hospital or health system is a threat-to-life crime and should be responded to and pursued as such by the government.” Hospital-based medical laboratories and independent clinical laboratories that interface with hospital networks should be assess their vulnerability to cyberattacks and take appropriate steps to protect their patients’ data. (Photo copyright: American Hospital Association.)

Multiple Healthcare Provider Networks Under Attack

Hospitals in Oregon, California, and New York have already been hit by the attacks, Reuters reported. “We can still watch vitals and getting imaging done, but all results are being communicated via paper only,” a doctor at one facility told Reuters, which reported that “staff could see historic records but not update those files.”

Some of the hospitals that have reportedly experienced cyberattacks include:

In October, the Associated Press (AP) reported that a recent cyberattack disrupted computer systems at six hospitals in the University of Vermont (UVM) Health Network. The FBI would not comment on whether that attack involved ransomware, however, it forced the UVM Medical Center to shut down its computer system and reschedule elective procedures.

Threat intelligence analyst Allan Liska of US cybersecurity firm Recorded Future told Reuters, “This appears to have been a coordinated attack designed to disrupt hospitals specifically all around the country.”

He added, “While multiple ransomware attacks against healthcare providers each week have been commonplace, this is the first time we have seen six hospitals targeted in the same day by the same ransomware actor.”

An earlier ransomware attack in September targeted 250 healthcare facilities operated by Universal Health Services Inc. (UHS). A clinician at one facility reported “a high-anxiety scramble” where “medical staff could not easily see clinical laboratory results, imaging scans, medication lists, and other critical pieces of information doctors rely on to make decisions,” AP reported.

Outside of the US, a similar ransomware attack in October at a hospital in Düsseldorf, Germany, prompted a homicide investigation by German authorities after the death of a patient being transferred to another facility was linked to the attack, the BBC reported.

CISA, FBI, HHS, Advise Against Paying Ransoms

To deal with the ransomware attacks, CISA, FBI, and HHS advise against paying ransoms. “Payment does not guarantee files will be recovered,” the advisory states. “It may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities.” The federal agencies advise organizations to take preventive measures and adopt plans for coping with attacks.

The advisory suggests:

  • Training programs for employees, including raising awareness about ransomware and phishing scams. Organizations should “ensure that employees know who to contact when they see suspicious activity or when they believe they have been a victim of a cyberattack.”
  • Regular backups of data and software. These should be “maintained offline or in separated networks as many ransomware variants attempt to find and delete any accessible backups.” Personnel should also test the backups.
  • Continuity plans in case information systems are not accessible. For example, organizations should maintain “hard copies of digital information that would be required for critical patient healthcare.”

Evaluating Continuity and Capability

The federal agencies also advise healthcare facilities to join cybersecurity organizations, such as the Health Information Sharing and Analysis Center (H-ISAC).

“Without planning, provision, and implementation of continuity principles, organizations may be unable to continue operations,” the advisory states. “Evaluating continuity and capability will help identify continuity gaps. Through identifying and addressing these gaps, organizations can establish a viable continuity program that will help keep them functioning during cyberattacks or other emergencies.”

Dark Daily Publisher and Editor-in-Chief, Robert Michel, suggests that clinical laboratories and anatomic pathology groups should have their cyberdefenses assessed by security experts. “This is particularly true because the technologies and methods used by hackers change rapidly,” he said, “and if their laboratory information systems have not been assessed in the past year, then this proactive assessment could be the best insurance against an expensive ransomware attack a lab can purchase.”

—Stephen Beale

Related Information:

Ransomware Activity Targeting the Healthcare and Public Health Sector

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Hackers Hit Hospitals in Disruptive Ransomware Attack

Several Hospitals Targeted in New Wave of Ransomware Attacks

Hospitals Hit with Ransomware Attacks as FBI Warns of Escalating Threat to Healthcare

Ransomware Attacks on Hospitals Could Soon Surge, FBI Warns

Building Wave of Ransomware Attacks Strike U.S. Hospitals

Oregon Hospital Shuts Down Computer System After Ransomware Attack

Three St. Lawrence County Hospitals Hit by Ransomware

‘Unusual Network Activity’ at Ridgeview Medical Center

Brooklyn and Vermont Hospitals Are Latest Ryuk Ransomware Victims

;