2024 was a year that saw several blows to the healthcare industry when it came to cybersecurity. Data breaches and ransomware attacks caused major disruptions in the daily operations of healthcare organizations with significant monetary implications.
Errol Weiss, chief security officer at Health-ISAC, confirms that this year, a higher number of cybersecurity events were observed than the year prior. What’s happening now, he says, is that not only are hospitals victims of ransomware attacks but now patients as well. Criminals will threaten to release private patient data if a ransomware sum is not being paid. The ransomware group BlackCat attacked Leigh Valley Health, for example, and threatened to release nude pictures of its cancer patients. The class action suit was settled for $65 million. Weiss expects to see more of these types of attacks in the year ahead. “They will go after whatever they can,” Weiss says about the cybercriminals.
To the question of whether he thinks federal legislation on cybersecurity measures within healthcare will be helpful, Weiss responds, “Hospitals are operating on razor-thin margins as it is, and it is very difficult for them to invest in things that aren’t directly related to patient care. If we’re going to talk about any kind of legislation moving forward, especially in the new administration, it needs to come with the adequate resources to make sure that that happens.”
Weiss doesn’t believe in throwing money at the problem. He advocates getting the right people into organizations to address issues. He believes a virtual CISO program is a way to get additional help in. Weiss says there are a lot of cybersecurity vendors and point solutions. “The market is very confusing…. So if you had $100 to spend on cyber security, where would you spend that?”
As to what to expect in 2025, Weiss points to the issue of attacks on the supply chain, where the level of sophistication is increasing. In this area, Weiss says, the attacks don’t seem so random, “where many of these malware attacks, the ransomware gang will send out millions of malicious emails and hope that they get somebody somewhere to click on something and install the ransomware.” The attacks this past year seem to be more targeted.
Weiss anticipates artificial intelligence (AI) will also be part of more attacks. “We’ve already seen the talk about malicious actors leveraging AI to develop zero-day attacks, which is absolutely mind-boggling because you leverage AI to help develop some new attack technique.” Weiss adds, “If the bad guys can use AI to develop a new zero-day, I think we’ve got to also be proactive, finding out those zero-days, and then defending against those.”
