By Keri Forsythe-Stephens
“60 Minutes” may have just put medical device cybersecurity on prime time, but it’s an issue 24×7 Magazine readers have been concerned with for years. In our 2018 compensation and job satisfaction survey, numerous respondents cited cybersecurity as the biggest issue affecting the HTM field—an answer in line with 2016 and 2017 responses. But it wasn’t until “60 Minutes” shed light on the issue in early May that many people realized the severity—and potentially devastating consequences—of a healthcare cyber breach.
The newsmagazine spotlighted Hancock Regional Hospital, a 100-bed facility in the suburbs of Indianapolis, after it became the victim of a ransomware attack in January 2018. Hancock Regional Hospital’s CEO, Steve Long, admitted that the breach caught him off-guard, telling “60 Minutes” that he never anticipated a hack. “It’s something that I read in the journals,” Long maintained. “And I [would say], ‘Oh, those poor folks. I’m glad that’s never going to happen to us.’”
But it did—and the attack forced Long to divert ER patients to another hospital 20 miles away. “This is a ransomware [attack] so it’s a virus that has gotten into the computer system,” Long told “60 Minutes.” “But would it have the ability to jump to a piece of clinical equipment? Could it jump to an IV pump? Could it jump to a ventilator? We needed a little time to make sure of that.”
Ultimately, Hancock Regional Hospital paid a lofty price to regain access to their network—to the tune of $55,000—but Long hopes that awareness and proactive measures can help other hospitals avoid a similar fate.
So just how can hospitals and other entities become more cyber-secure? It all starts with good cyber hygiene, according to the experts interviewed by “60 Minutes.”
Their responses echo those of the cybersecurity specialists consulted in this month’s cover story, “Are Your Devices Secure?” It in, 24×7 Magazine correspondent C.A. Wolski discusses the May 2017 global WannaCry incident—by far, the largest cyberattack to ever hit the healthcare sector—and shares how HTM departments can be instrumental in preventing repeat events.
After all, explains Cynerio CEO and cybersecurity solution developer Leon Lerman, the proliferation of the Medical Internet of Things has changed the game for healthcare facilities. “IV pumps, ventilators, blood gas monitors are connected to computers or the Internet,” Lerman says. “That’s good for clinicians. The challenge is that advances in security are getting left behind.”
How is your department working to promote a more cyber-secure environment? E-mail me at firstname.lastname@example.org and let me know.
Keri Forsythe-Stephens is chief editor of 24×7 Magazine.