In February 2024, a major ransomware attack hit a UnitedHealth Group subsidiary. The breach not only exposed the personal data of hundreds of millions of Americans, but caused extensive disruptions at Kettering Health – one of Ohio’s largest medical systems. This recent incident is a clear signal that cyberattacks in the healthcare sector are escalating, more severe and costly. Cybercriminals have quickly turned it into an easy target.
Kettering Health’s Network Outage and Procedure Cancellations
Kettering Health, which employs more than 1,800 physicians, runs a network of more than a dozen medical centers across Ohio. Event due to a cyberattack that triggered a severe nationwide technology disruption. Consequently, all elective inpatient and outpatient procedures at the facilities were canceled. In a statement on the pictured network outage, Kettering Health acknowledged the severity of the disruption by saying, “Inpatient and outpatient procedures have been canceled for today.”
The health sector is currently undergoing a harrowing increase in cyberattacks. Last year, the FBI was receiving reports of more than 440 ransomware attacks and data breaches per day in this industry alone. This sector has long been the most under attack of all critical infrastructure sectors. U.S. lawmakers and federal officials have been increasingly alarmed by the cybersecurity landscape for our nation’s healthcare providers. They believe the status quo is unsustainable because of the increasing frequency and severity of attacks.
Cybercriminals take advantage of hospitals’ desperate desire to keep things running, sometimes extorting ransoms in order to not further disrupt patient care. A ransom note reportedly read, “Your network was compromised, and we have secured your most vital files,” highlighting the severe implications of such breaches on healthcare services.
Patient Safety at Risk Amid Cyberattacks
In a deeply troubling trend, a round of cyberattacks in the past year and a half have directly harmed patients—all of them victims nationwide. A different attack hit Ascension, one of the largest national healthcare systems, based in St. Louis. The failure of this incident put patient health at risk by compelling nurses to practice without access to electronic health records, affecting 140 hospitals in 19 states.
As these incidents show, the U.S. healthcare sector continues to struggle with protecting against cyber threats. That they keep hitting hospitals is particularly alarming. More importantly, it undermines the sufficiency of current defenses and threatens patient safety.
Kettering Health area medical centers are postponing their scheduled procedures. They’re on defense right now, trying to figure out how to restore systems and securing their networks after that attack. The situation that’s continuing to unfold reveals major weaknesses in healthcare IT systems and our ability to protect them. It further showcases our industry’s critical need for improved cybersecurity protections from top to bottom.
Author’s Opinion
The increasing frequency and severity of cyberattacks on healthcare systems expose critical vulnerabilities that put patient safety at risk. The industry’s current defenses are clearly insufficient, and urgent, comprehensive action is needed to fortify cybersecurity infrastructure. Protecting patient data and ensuring uninterrupted care must be top priorities in safeguarding the healthcare sector from these growing threats.
Featured image credit: Drazen Zigic via Freepik
For more stories like it, click the +Follow button at the top of this page to follow us.