Locked files. No access to EHRs. And patients waiting to go into surgery.
 
This isn’t a fictional scenario — it’s a ransomware attack — and it’s happening in hospitals and health systems across the world … including right here in the U.S.
 
The truth: Any computer system with valuable data is a target for cyber criminals. Hospitals and health systems, municipal governments, even personal computers can be targeted.
 
October is National Cybersecurity Awareness Month… and it’s a good time to do a status check on how prepared your hospital or health system is to prevent a cyber attack from disrupting care and potentially endangering your patients and their data.
 
Cyber attacks targeting hospitals are on the rise. Most attacks come in the form of phishing emails that trick people into clicking links or opening attachments that insert malware into computer networks. Regardless of their origin, these attacks can interrupt care delivery and impact patient safety by shutting down emergency departments, forcing ambulance diversions, disabling medical devices and denying access to essential patient health records.
 
Cyber attacks can be so devastating that many hospitals and health systems now rank cyber risk within their top three enterprise risk issues.
 
The AHA is working to mitigate this threat to America’s hospitals, health systems and our patients. We’re engaging directly with the federal government on both the policy and legislative fronts for increasing cybersecurity resources, creating incentives to expand the cybersecurity workforce, increasing cyber threat information sharing and enhancing medical device cybersecurity requirements.
 
This is only half the battle, though. As many members have already seen, our in-house cybersecurity expert, John Riggi, is working directly with members to enhance their defenses and manage their risk. John spent nearly 30 years at the FBI — including as a senior executive in the FBI cyber division — and was recently selected to co-lead a national health care field cyber task group with the U.S. Department of Health and Human Services. Visit AHA’s website to learn more about how the AHA can provide tailored trainings, workshops and webinars to fit your needs.
 
October may be cybersecurity awareness month … but cybersecurity is something hospital leaders should prioritize every month. The AHA is proud to be your partner in keeping your data — and your patients — safe.

Related News Articles

Headline
The FBI's Internet Crime Complaint Center released an alert May 7 warning of cyber actors exploiting vulnerabilities in end-of-life routers. Routers dated 2010…
Headline
The FBI’s Internet Criminal Complaint Center May 15 released an alert warning of a malicious text and voice messaging campaign involving impersonators…
Headline
In his latest AHA Cyber Intel blog, John Riggi, AHA national advisor for cybersecurity and risk, examines the state of cyber and physical threats in 2025 as…
Headline
Health care had more cyberthreats last year than any other critical infrastructure industry, according to the FBI's 2024 Internet Crime Report released April…
Headline
The National Security Agency April 23 released a report on operational technology systems that includes recommendations for security policies and technical…
Chairperson's File
Public
Cybersecurity and physical threats are unfortunately significant enterprise risks for health care, regardless of size or location. Every hospital, physician…