Cyber-Attacks on Hospitals

12389945471?profile=RESIZE_400xCybersecurity experts are warning that hospitals around the country are at risk for attacks like the one that is crippling operations at a premier Midwestern children’s hospital and that the US government is doing too little to prevent such breaches.  Hospitals in recent years have shifted their use of online technology to support everything from telehealth to medical devices to patient records.  Today, they are a favorite target for internet thieves who hold systems’ data and networks hostage for hefty ransoms, said John Riggi, the American Hospital Association’s cybersecurity adviser.  “Unfortunately, the unintended consequence of using all this network- and internet-connected technology is that it expanded our digital attack surface,” Riggi said. “So, many more opportunities for bad guys to penetrate our networks.”[1]


The assailants often operate from American adversaries such as Russia, North Korea, and Iran, where they enjoy big payouts from their victims and face little prospect of ever being punished.  In November 2023, a ransomware attack on a healthcare chain that operates 30 hospitals and 200 health facilities in the United States forced doctors to divert patients from emergency rooms and postpone elective surgeries. Meanwhile, a rural Illinois hospital announced it was permanently closed last year because it could not recover financially from a cyberattack.  The hackers went as far as posting photos and patient information of breast cancer patients who were receiving treatment at a Pennsylvania health network after the system was hacked last year.

Recently, one of the top children’s hospitals in the country, the Ann & Robert H. Lurie Children’s Hospital of Chicago, has been forced to put its phone, email, and medical record systems offline as it battles a cyberattack.  The FBI has said it is investigating.  Brett Callow, an analyst for the cybersecurity firm Emsisoft, counted 46 cyberattacks on hospitals last year, compared with 25 in 2022.  The paydays for criminals have gotten bigger, too, with the average payout jumping from $5,000 in 2018 to $1.5 million last year.  “Unless governments do something more meaningful, more significant than they have done to date, it’ll inevitably get worse,” Callow said.

Callow believes the government should ban cyberattack victims such as hospitals, local governments and schools from paying ransoms.  “There’s so much money being paid into the ransomware system now there’s no way the problem is going to go away on itself simply,” he said.  The dramatic increase in these online raids has prompted the nation’s top health agency to develop new rules for hospitals to protect themselves from cyber threats.

The Department of Health and Human Services said it will rewrite the rules for the Health Insurance Portability and Accountability Act, the federal law commonly called HIPPA that requires insurers and health systems to protect patient information to include new provisions that address cybersecurity later this year.  The department is also considering new cybersecurity requirements attached to hospitals’ Medicaid and Medicare funding.

Most hospitals will struggle to protect themselves.  Experts are worried about rural hospitals, for example, that may have difficulty cobbling together money to update their cybersecurity properly.  HHS wants more money from Congress to tackle the issue, but Palm said the agency doesn’t have a precise dollar amount it seeks.  Becoming the victim of a cyberattack is costly, too.  The attacks can put hospitals’ networks offline for weeks or months, forcing hospitals to turn away patients.

In Chicago, Lurie Hospital’s network has been offline for two weeks.  The hospital, which served more than 260,000 patients last year, has established a separate call center for patients’ needs and resumed some care. 

This article is presented at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  Call for assistance.  For questions, comments, a demo, or assistance, please get in touch with the office directly at 1-844-492-7225 or   






Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings



E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!