Perspective: Cybersecurity Must Be a Priority Each and Every Day

Oct 15, 2021 - 08:58 AM by
Rick Pollack
Rick Pollack

Cybercrimes directed against hospitals and health systems have been on a massive upswing worldwide for several years, accelerating even more during the COVID-19 pandemic.

Ransomware, malware, phishing and other tools are employed by skilled cybercriminals to extort large sums of money, steal private data from patients and providers, and compromise system safeguards.   

Worse, these attacks directly threaten patient care. Ransomware attackers can disrupt or render inoperable critical medical technology such as radiology, lab services, electronic medical records and the systems which monitor lifesaving equipment, such as ventilators and heart beat monitors.

We are taking many steps to fight back:

  • Ransomware attacks targeting hospitals and health systems now get priority focus from federal law enforcement, due in part to the AHA’s efforts. John Riggi, AHA’s senior advisor for cybersecurity and risk and a former FBI cyber executive, is in frequent touch with former colleagues and helped persuade the FBI and Department of Justice to raise the investigative priority level for ransomware attacks targeting U.S. critical infrastructure to equal that of terrorist attacks.
     
  • AHA’s online resources help keep our field up to date on the latest risks and developments and suggest steps that every provider can take, including those who work from home, to bolster the security of their systems.
     
  • Advancing cybersecurity is a part of our advocacy priorities.
     
  • We are urging Congress to advance cybersecurity efforts by developing coordinated national defense measures, expanding the cybersecurity workforce, disrupting bad actors who target U.S. critical infrastructure and using a “whole of government” approach to increasing consequences for those who commit attacks.

At the same time, we are also pressing the Department of Health and Human Services to ease fines or other penalties against care providers that observe cybersecurity best practices … but are nonetheless victimized by cyberattacks that result in HIPAA violations.

And we hope to see expanded protections to include relief from financial losses when services are impeded … particularly given the financial challenges we are facing as a result of COVID-19.

We had the opportunity to share our concerns with top FBI officials at a recent meeting. The AHA will continue to remain in regular contact with the FBI, HHS, the Cybersecurity and Infrastructure Security Agency, and others, to provide you with the most up-to-date information.  

October is Cybersecurity Awareness Month. But health care providers need to remain aware of the dangers posed by cybercrime every minute of every day. Such crimes will only be deterred by preparation, vigilance and a united front.

Defeating or negating cyberattacks is a significant challenge. But with patient safety at stake, it’s a battle that all of us must take on … and win.

 

Related News Articles

Headline
CISA issues update on voluntary cybersecurity performance goals 
The Cybersecurity and Infrastructure Security Agency Dec. 11 released an update to its voluntary Cybersecurity Performance Goals, which includes measurable…
Headline
AHA’s Pollack announces plan to retire
AHA President and CEO Rick Pollack today announced his plans to retire by the end of 2026. A 43-year veteran of the association, Pollack has served as its…
Headline
Agencies warn of state-sponsored cyberattacks from Russia, China
U.S. and international agencies are warning of potential cyberattacks on health care and other critical infrastructure from state-sponsored cyber actors in…
Headline
CISA alerts of critical vulnerability impacting free program used for building user interfaces 
A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and Infrastructure Security Agency’s…
Chairperson's File
Chair File: All In for the Future
Public
When I began my year as AHA Board Chair, my goal was for us to be all in. In a year that was full of many tests — OBBBA, executive orders and an ongoing,…
Headline
Resources available to help detect malicious AI schemes
The FBI has public resources available to help prevent exploitation by cybercriminals, who use artificial intelligence for deception. An infographic by the FBI…