The United States Congress is raising the issue of cyberthreats to the healthcare industry more and more. A number of congressional representatives have increased their efforts to safeguard the sector in the face of an increase in cyberattacks by putting out legislation and suggestions designed to address and mitigate such threats.
In a report released last week, Sen. Mark Warner (D-Va.), chairman of the Senate Intelligence Committee, noted before providing suggestions on how the federal government may raise security standards in the industry to thwart those attacks, adding that, “Over the past decade, the American public has witnessed increasingly brazen and disruptive attacks on its health care sector that jeopardise sensitive personal information, delay treatment, and ultimately lead to increased suffering and death”.
The three-part report makes three recommendations: that the federal government strengthen the nation’s cybersecurity risk posture in the healthcare industry; that it aid the private sector in reducing cyberthreats; and that it aid health care providers in defending against and recovering from cyberattacks.
Christopher Plummer, a senior cybersecurity architect at Dartmouth Health, said: “The senator’s report addresses areas of weakness that hospitals have worked tirelessly to mitigate for a long time. Just seeing an acknowledgement of this in writing, and from this level of the government, gives a lot of hope”.
The research touched on a few issues that resonated with Plummer, including the growing difficulties of cybersecurity insurance and the labour scarcity of cyber workers across businesses.
He continued by saying that depending on the size and cyber capabilities of the organisation, hospitals will require very different resources to resist attacks.
“What we, as a nation, do with this report is the critical next move. The discussion points are on the table — now it’s time to substantively address these challenges,” he said.
Because it keeps sensitive data and deals with the safety and wellbeing of patients, the health care industry has been particularly susceptible to cyberattacks. Some hospitals are reportedly willing to pay ransoms in order to save lives and restore stolen data, making the sector a top target for cybercriminals. In other circumstances, they claimed, it might even come down to life and death.
Additionally, they claim that hackers are pursuing sensitive data pertaining to technology and medical research. An investigative and risk consulting company, Kroll, reported in an August report that the number of assaults against healthcare organisations rose by 90% in the second quarter of this year compared to the first.
READ ALSO: 35-year-old Florida Man scams US Gov’t, steals $2.6m COVID-19 Relief Funds
The survey also discovered that ransomware, closely followed by email penetration, is the most typical threat utilised against the healthcare industry. A research that revealed that more than 45 million people were impacted by such attacks was mentioned by Warner in the paper, who also said that cyberattacks directed at healthcare providers reached an all-time high in 2021.
In recent months, a number of lawmakers have sounded the alarm and taken action to address the problem. Warner is the most recent of them.
Rep. Mike Gallagher (R-Wis.) and Sen. Angus King (I-Maine) have also voiced their worries. The lawmakers urged the Department of Health and Human Services (HHS) in a letter they issued to the agency in August to do more to safeguard the healthcare and public health sectors from the increasing number of cyberthreats that are aimed at that sector.
King and Gallagher, who both co-chair the Cyberspace Solarium Commission, wrote: “With cyber threats growing exponentially, we must prioritise addressing the [health care and public health] sector’s cybersecurity gaps. Ransomware attacks on the [health care and public health] sector have skyrocketed in the past two years as opportunistic criminals recognised that hospitals may pay quickly to resolve issues and protect patient safety”.
The congressmen asked for an urgent meeting with Biden administration health officials in the letter in order to get an update on the administration’s current cyber posture. Additionally, they expressed worry over HHS’s failure to promptly alert sector partners of ongoing concerns.
Another senator, Sen. Jacky Rosen (D-Nev.), has been urging the federal government to do more to safeguard key infrastructure, such as the healthcare industry, from cyberattacks.
She and Sen. Measure Cassidy (R-La.) presented a bipartisan bill in March that would mandate cooperation between the HHS and the Cybersecurity and Infrastructure Security Agency (CISA) in order to raise cybersecurity standards in the healthcare and public health industries.
In order to improve cyber resilience, the act would also mandate information sharing between the two agencies and the business community. Federal agencies have been keeping an eye on the industry and warning the public about the present cyber threats it faces while lawmakers have taken these moves.
U.S. federal officials warned that “Maui,” a ransomware, has been attacking institutions in the health care and public health sectors in the country over the summer. The North Korean government has been implicated in the ransomware. Additionally, the agencies warned against paying ransoms because doing so does not ensure the return of stolen data. Instead, they advised health sector firms to implement cybersecurity best practises and notify law enforcement of ransomware threats.
Warner stated in the report that: “When it comes to cyberattacks affecting patient care, the question is no longer a matter of if or when, but how often and how catastrophic the consequence”.
Get Faster News Update On: WhatsApp and Telegram