Hospitals are straining under increasing cyberattacks. Cyberattacks have long been treated as a lower level of warfare than missile strikes, but as they hit hospitals and get more lethal, that could be changing, reports Politico. It’s time “to view these types of attacks, ransomware attacks on hospitals, as threat-to-life crimes, not financial crimes,” said John Riggi of the American Hospital Association. Ransomware attacks, in which hackers encrypt networks and demand payment to unlock them, have been some of the most common strikes against medical facilities. The number of people that have died from cyberattacks is hard to come by because of the variety of factors and the fact that deaths can occur weeks or months after an interruption in care. However, some deaths have been directly attributed to a cyberattack. A 2021 study from Proofpoint and the Ponemon Institute, which surveyed more than 600 health care facilities, found that mortality rates increased at a quarter of the facilities after a ransomware attack. In 2020, a ransomware attack forced a hospital in Düsseldorf, Germany, to close its emergency department, and a patient died in an ambulance while being rerouted to another hospital.
The most immediate damage from most cyberattacks in the U.S. is to businesses’ profits or people’s data, which hackers often steal. The government also has a list of 16 “critical infrastructure” categories, including health care, where a cyberattack attack could cause major disruption to services. In 2022, an attack on CommonSpirit Health, the nation’s second-largest non-profit health system, compromised the personal data of 600,000 patients, including electronic medical records, which allegedly caused one child to be accidentally given five times the amount of medication needed. According to CyberPeace Institute, the average cyberattack on a health care system leads to 19 days of patients unable to receive some form of care. In one case, a cyberattack led to around four months of disrupted medical care. Charles Carmakal of the cybersecurity company Mandiant Consulting said the firm is working to help several hospitals recover from cyberattacks. He noted that “it can often take weeks for the organizations to recover their IT systems and have their caregiving operations return to normal.” The problem is global. Most attacks against hospitals have been linked to cybercriminal groups, often based in Russia, but not directly to government hackers. Russian cybercriminal group Conti, for example, regularly uses hacks to extort money from hospitals.