AHA testifies at Senate hearing on cyber threats amid pandemic

Dec 02, 2020 - 04:08 PM
Cybersecurity Lock on Gold Wall

The Senate Homeland Security and Governmental Affairs Committee today held a hearing on defending communities from cyber threats during the COVID-19 pandemic.

Testifying at the hearing, John Riggi, AHA senior advisor for cybersecurity and risk, said the pandemic has led to a cyber “triple threat” for hospitals and health systems: an expanded attack surface due to rapidly expanded network- and internet-connected technologies and services; increased cyberattacks of all types; and fewer available resources to bolster cybersecurity defenses.

“A ransomware attack on a hospital crosses the line from an economic crime to a threat-to-life crime; such attacks should therefore be aggressively pursued and prosecuted as such by the federal government,” Riggi said. “…We recommend that, given the increased cyber threat environment and attacks specifically targeting hospitals and health systems, along with resource constraints imposed upon hospitals and health systems in response to COVID-19, additional safe harbor protections from civil and regulatory liability be provided to hospital and health system victims of cyberattacks.”

Also testifying at the hearing were representatives from the Department of Homeland Security; New Hampshire Department of Information Technology; Hartford, Conn., public schools; and the ransomware incident response platform Coveware. 

Related News Articles

Headline
Study finds flu, COVID-19 infection temporarily raises risk of heart attack, stroke 
A study published Oct. 30 by the American Heart Association found that people have an elevated risk of heart attack and stroke following flu and COVID-19…
Headline
Microsoft issues security update addressing critical vulnerability impacting Windows server services 
Microsoft has released a security update to address a critical remote code execution vulnerability impacting multiple versions of Windows Server Update…
Headline
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part two of a recent blog, AHA National Advisor for Cybersecurity and Risk John Riggi and AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee…
AHA Cyber Intel
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part one of this blog, we reviewed the number of cyberattacks the health care field endured this year compared to last; provided an overview of the lessons…
Headline
CISA warns of vulnerability in F5 BIG-IP products
The Cybersecurity and Infrastructure Security Agency Oct. 15 released an emergency directive advising federal agencies to take stock of their F5 BIG-IP…
Headline
AHA blog: 2025 Cybersecurity Year in Review, Part One — Breaches and Defensive Measures
In part one of a new blog, John Riggi, AHA national advisor for cybersecurity and risk, and Scott Gee, AHA deputy national advisor for cybersecurity and risk,…