A complex of French hospitals was forced to temporarily suspend emergency services in the wake of a cyberattack. So far, six patients, three from intensive care and three from the neonatal unit, have been transferred to other hospitals; other patients are scheduled for transfer as well. The Andre-Mignot Hospital, which is part of the Hospital Centre of Versailles, has cancelled surgeries.
Note
- The hospitals are moving patients, in part, because the automated/connected monitoring systems are inoperable, and it takes a substantial increase in resources for manual monitoring. They are also wisely choosing to not initiate services they cannot fully support. When thinking about an attack which takes your IT systems offline, don’t casually plan to revert to manual methods: make sure you’ve done a deep dive on not only what manual means, but also the increased staff and lowered throughput in that scenario. Factor in what can be delayed or redirected. In the early 1980s, I was working my way through college in retail. With turnover, I became the only one in my district who knew the manual methods when the computerized system failed, including having a supply of the forms for manual reporting. Make sure that you have training and references so staff can successfully adapt; avoid having a single point of expertise.
- Three points to be made here: 1) the healthcare sector continues to be a primary target of cyber criminals looking for a quick payout; 2) connectivity of operational technology, in this case patient monitors, with IT systems can disrupt business operations; and 3) each cyber breach that is reported serves as a warning to the executive team to revisit cyber defense plans that include knowing their environment [HW, SW, Data], configuration management, vulnerability management, account management, and network monitoring of their enterprise.
- The ransomware epidemic will probably not be over anytime soon. The culture in many healthcare organizations prioritizes patient safety over other initiatives such as “secure computing.” I know that this is probably concerning to many folks reading this editorial. However, the fact is that patient safety and computer safety have not historically been tied together in a clinical setting. The last half decade of these attacks may start shifting these attitudes. The more clinicians rely on these systems for patient safety, the more healthcare organizations will need to take a different approach to their internal systems. Unfortunately, if the HealthCare IT community doesn’t resolve this, it will be resolved by regulation.
- Hospitals continue to be favorite targets of ransomware attacks, in part because clinical applications are so sensitive. These applications should be isolated from those, like browsing and e-mail, that use public networks.