We have heard quite a bit about the dangers of cyber attacks. Specifically, though, most of these stories center around hacking personal information such as social security numbers, checking accounts, and credit card numbers. Identity theft and ruining your credit are probably the worst things that could happen from these crimes. But is it possible that cyber-attacks could actually turn deadly? This may sound like the realm of fiction, but it is actual a real possibility that has recently been uncovered.
Deadly simulation
Recently, Josh Corman, Chief Security officer at PTC, recently lead a simulation under the heading of “Hacking Healthcare: Bits and Bytes Meet Flesh and Blood.” The purpose of this simulation was to point out that we are moving so quickly with automation and technology that we are going beyond our current abilities to secure this technology. In the simulation, a hacker was able to infiltrate the automated delivery system for a medication infusion pump. This is the IV delivery system that automatically delivers medication such as insulin, painkillers, or chemotherapy drugs into a patient’s system. In this case, the simulated hacker was able to access the pump and give the patient a massive overdose of the medication in the pump, causing cardiac arrest. The medication in the infusion pump was supposed to be delivered gradually over an entire day. Instead, it was all administered in a matter of minutes.
Hospitals and healthcare offices are particularly vulnerable
According to Corman, there are several reasons why hospitals and healthcare offices are particularly vulnerable targets for cyber attacks. Among these:
- There is a massive problem with a lack of certified employees in cyber-security. As Corman points out, only 15% of hospitals have a single employee with cyber security experience;
- Many hospitals are still using outdated equipment that do not have current, up-to-date safeguards;
- “Premature connectivity” is seeing this outdated equipment hooked to the Internet when it was never intended to do so and has no security aspects;
All of these combine with other innate vulnerabilities in medical equipment to be a significant potential danger for patients.
This is not an unheard of danger. Last year, the WannaCry ransomware attack saw dozens of hospitals in the US and UK virtually shut down because data was encrypted and unable to be accessed unless the hospital paid the hacker’s ransom. This had negative impacts on patient care including the postponement of surgeries until after the hack had been resolved.
Corman also pointed out that in the event of planned events, such as marathons in major cities that shut down roads and impede ambulance traffic, can have a negative impact on patient care. If these planned events can hurt a hospital’s ability to help patients, then imagine what surprise cyber attacks could do to those same hospitals. New Edge Technology Solutions wants you to be aware and proactive in protecting your health information. Find out more about NETS and how we’re protecting businesses every day.