Cyberattacks are on the rise, and some projections suggest these attacks could cost global industry $10.5 trillion this year.[1] Of all the industries, healthcare is the most targeted by cyber criminals.[2] One reason for this exorbitant price is the urgency felt by healthcare organizations to respond to attacks. Inaction can cause long lines in the Emergency Room, patients not getting their essential medications and treatments, delayed surgeries, and blind clinicians trying to figure out what the patient’s allergies used to be.
In fact, when a cyberattack involves ransomware, and the attackers lock the organizations out of their networks, it significantly affects the treatment of patients. When a hospital experiences system downtimes due to ransomware, the mortality rate also increases by 40%.[3] Patients’ lives are literally at risk, so hospitals are quick to pay whatever ransom they need to in order to get their systems back. That easy payday makes them even more of a target, because the patients they serve are particularly vulnerable. It is a crime devoid of honor.
When my son, Nathaniel, said he would be interested in researching healthcare cyberattacks for a scholarship challenge by the Actuarial Foundation,[4] I was experiencing a downtime in my job because of a cyberattack at the time. My son admitted that while he had always considered hackers to be lousy cheaters who made video games a lot less fun, he had never realized how cybercriminals could cripple a real-world company that delivered essential services to patients, and he wanted to know what could be done.
By Gayle Porter
