Healthcare under cyber attack

Posted by blyon001 on


We can agree that protecting our healthcare system is a top priority when it
comes to cybersecurity. It is listed as one of our critical infrastructures. With everything
moving from paper to electronic copies, we can see how detrimental it would be for a
cyber-attack to occur on any business, let alone a hospital. Hospitals contain PII and
PHI. Data like social security numbers, insurance information, and payment details,
could make for a very high target for hackers to consider. Hackers could also degrade
the operations of a hospital. In the NPR article, Cyberattack led to harrowing lapses at
Ascension Hospitals, clinicians say “delayed or lost lab results, medication errors, and
an absence of routine safety checks via technology” (Pradhan & Wells). We are
dealing with mistakes that could result in fatalities and the horrible scars they would
have on families and employees alike. To ensure safe cybersecurity we must be
more active, especially with the advancement of technology and hackers.
One of the problems with healthcare systems and long downtimes that
contribute to the degradation of the work at hospitals is the lack of an emergency
plan. One of the main ways to combat the issue of downtime due to hackers is
going “back to paper” (Pradhan & Wells). This could cause issues within the hospital
like losing or missing paperwork, slower work times, false or inaccurate paperwork,
etc. “In 2023, the health sector experienced the largest share of ransomware
attacks of 16 infrastructure sectors considered vital to national security or safety”
(Pradhan & Wells). Knowing this I believe healthcare systems should be treated
with a higher level of security due to the increased threat. To me, it seems that the
standards for healthcare systems are not treated as seriously and the funding for
cybersecurity is a lack thereof. Hospitals are businesses and just like any business
they should have a solid and strong cybersecurity system. This ensures the
protection of data and lessens the opportunities for hackers to attack.
DNA Data in health care
(1) Now that we talked about the detrimental effects hackers have in
healthcare, we can get more specific. The health industry has a lot of personal data
on computers. Even more so with coding our DNA. Using our DNA and turning it
into Binary Code (Coldeway). What’s the point? The point just like how we don’t use
paper anymore, is that it is quicker and more efficient. It’s easier to read compare
and analyze across millions of other DNA samples (Coldeway). The problem is now
we have more personal data that hackers could have access to and that hackers
could be motivated more by. I believe that companies shouldn’t have the authority to
code your DNA. The DNA is mine, not for companies to do with what they please.
DNA should be taken and used for only what is needed. Not to store and upload to
a computer to compare and analyze. How do I know that they are being responsible
and using the correct cybersecurity methods?
(2) As I said before, healthcare is a high target and has gone through many
attacks. They have highly sensitive material that makes them a Prime target. The
exposure of our DNA could be life-threatening. The responsibility of the healthcare
system is extreme. Being detailed in the Framework Core is essential. As
technology becomes more advanced (DNA coding), we need a stronger core. We
should start at the top of the Core PROTECT (Barrett). Things like stronger
encryption, access controls, and regular updates should be taken more seriously
even though it may seem mundane. Also, it seems that we lack proper training in
cybersecurity especially in employees who have no connection with it (nurses,
doctors). A breach in one person’s identity is a serious offense and should result in
a more serious punishment if evidence is found to have holes in its cybersecurity
fundamentals. Audits may be necessary, especially with the heaviness of PII and
PHI.
Conclusion
Every business has an important role to take when it comes to the protection of
data. As a society, we should ensure the protection of everyone’s data, especially in the
healthcare field. As technology grows and businesses start using cyber for more and
more practices, we should also improve our security. Using the Framework Core is a
good start. Cyber is becoming more incorporated into our every day and one thing that
can ensure the right practices is good training. Whether that be personal or professional
it can lead to a positive cyber environment.
Works Cited
Barrett, M. P. (2018). Framework for Improving Critical Infrastructure Cybersecurity, Version
1.1. https://doi.org/10.6028/nist.cswp.04162018
Coldewey, D. (2017, August 10). Malicious code written into DNA infects the computer that
reads it. TechCrunch. https://techcrunch.com/2017/08/09/malicious-code-written-into-dna-
infects-the-computer-that-reads-it/
Pradhan, R., & Wells, K. (2024, June 19). Cyberattack led to harrowing lapses at Ascension
Hospitals, clinicians say. NPR. https://www.npr.org/2024/06/19/nx-s1-5010219/ascension-
hospital-ransomware-attack-care-lapses

Leave a Reply

Your email address will not be published. Required fields are marked *