The Senate Homeland Security and Governmental Affairs Committee today held a hearing on defending communities from cyber threats during the COVID-19 pandemic.
Testifying at the hearing, John Riggi, AHA senior advisor for cybersecurity and risk, said the pandemic has led to a cyber “triple threat” for hospitals and health systems: an expanded attack surface due to rapidly expanded network- and internet-connected technologies and services; increased cyberattacks of all types; and fewer available resources to bolster cybersecurity defenses.
“A ransomware attack on a hospital crosses the line from an economic crime to a threat-to-life crime; such attacks should therefore be aggressively pursued and prosecuted as such by the federal government,” Riggi said. “…We recommend that, given the increased cyber threat environment and attacks specifically targeting hospitals and health systems, along with resource constraints imposed upon hospitals and health systems in response to COVID-19, additional safe harbor protections from civil and regulatory liability be provided to hospital and health system victims of cyberattacks.”
Also testifying at the hearing were representatives from the Department of Homeland Security; New Hampshire Department of Information Technology; Hartford, Conn., public schools; and the ransomware incident response platform Coveware.