Ransomware at the hospital

As reported in this BBC article, three hospitals in Alabama were forced to close their doors to all but the most-critical new patients due to a ransomware event. After a cyber attack in Australia, a hospital had to find a scrap of paper before they could perform a medical procedure on a boy with cerebral palsy. The boy’s mom couldn’t even phone the hospital to confirm the appointment. Think about that for a moment–a facility that could be responsible for whether you live or die is shut down or essentially rendered ineffective by a breach. And this only scratches the surface of the stories. We don’t know how the breaches happened, what controls the hospitals had in place, and/or whether there were reliable backups in place. I think ransomware attacks on hospitals are one of the nightmare cases for cybersecurity. Unfortunately, it looks like this is a growing problem that should serve as a reminder about how important cybersecurity is to society.