Understanding the Impact of Ransomware on Healthcare Operations: Delays, Risks, and Community Effects in 2024

Ransomware is a type of cyberattack where hackers break into computer systems, lock important data, and ask for money to unlock it. In healthcare, this can cause serious problems because patient care can be stopped. In 2024, there were 386 reported cyberattacks on healthcare, keeping up the high numbers seen in 2023, which had the highest number of breaches in healthcare history. This shows that ransomware is still a real and growing problem.

One big attack in early 2024 was on Change Healthcare, a part of UnitedHealth Group that helps almost every hospital in the U.S. This attack stopped services like claims processing, managing clinical rules, and handling prescriptions. It caused delays all over the country. Many patients and providers faced problems with payments and clinical work, and over 190 million people’s data might have been exposed.

How Ransomware Affects Healthcare Operations

Ransomware can shut down hospital computer systems. This means doctors and nurses can’t get patient records, appointments get mixed up, and billing stops. These problems cause delays in emergency care, canceled procedures, and longer waits for tests. Ambulances and patients may have to go to other hospitals. This puts extra pressure on the hospitals that are not affected and can make them too busy.

People call the area affected by one attack the “ransomware blast radius.” This means when one hospital or service provider is attacked, many other places nearby can suffer too. For example, the Change Healthcare attack did not just hurt big city hospitals. It also hit rural clinics that depend on outside companies for billing and claims. Rural clinics have a hard time defending themselves because they often don’t have enough money or staff for good cybersecurity.

The Increasing Threat of Third-Party Provider Attacks

One clear trend is more attacks against third-party healthcare companies instead of directly targeting hospitals. In 2023, 58% of the 77.3 million people whose health information was stolen were affected through these partner companies. This was a 287% increase from the year before.

Hackers use a “hub and spoke” method. They attack big third-party providers (the hubs) that serve many hospitals and clinics (the spokes). By hitting these hubs, hackers can impact many healthcare groups at once. The Change Healthcare attack shows this clearly. Because hospitals rely a lot on these service providers for key tasks like claims and prescriptions, an attack on vendors can cause more damage than attacking a hospital directly.

Financial and Legal Consequences of Ransomware Attacks

Besides delays in care, ransomware attacks cause big money problems. A survey by the American Medical Association found that 80% of providers hit by the Change Healthcare attack lost money due to delayed or unpaid claims. Forty-six percent said they could not send in claims at all. Many had to use their own money to keep working. UnitedHealth Group paid over $2 billion to help those affected. Some medical practices almost went bankrupt because of these issues.

The attacks also bring legal troubles. The Change Healthcare breach led to several lawsuits and a federal investigation into possible HIPAA violations. Even though the company had passed previous security tests, the breach showed weak points that must be fixed with better risk management and compliance.

Managing Cybersecurity Risks in Healthcare Organizations

Healthcare leaders are under pressure to build strong cybersecurity plans that cover more than just IT systems. Cyber risks affect many areas like patient care, billing, and human resources. Preparing for ransomware means checking governance, judging risks from vendors, making good incident response plans, and training staff often.

Managing risks from third-party companies is very important. Healthcare groups should keep clear lists of all vendors and subcontractors. Contracts should include cybersecurity rules and cyber insurance. Regular checks can find weak spots, and systems need continuous updates and patches to stay safe.
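
An added example, not from the original article: a vendor list that also records subcontractors can be used to compute the "blast radius" of an outage at one hub and to rank vendors by how many facilities depend on them. All vendor and facility names below are constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory (hypothetical names): vendor -> subcontractors it relies on.
SUBCONTRACTORS = {
    "ClaimsHubCo": ["CloudHostCo"],
    "RxRouteCo": ["ClaimsHubCo"],
    "BillingSmallCo": [],
    "CloudHostCo": [],
}
# Constructed mapping: facility -> {business function: direct vendor}.
FACILITIES = {
    "Urban Medical Center": {"claims": "ClaimsHubCo", "prescriptions": "RxRouteCo"},
    "Rural Clinic A": {"claims": "ClaimsHubCo", "billing": "BillingSmallCo"},
    "Rural Clinic B": {"claims": "ClaimsHubCo"},
    "Community Hospital": {"billing": "BillingSmallCo"},
}

def impacted_vendors(failed, subcontractors=SUBCONTRACTORS):
    """Return the failed vendor plus every vendor that depends on it,
    directly or through a chain of subcontractors."""
    dependents = defaultdict(set)          # reverse edges: supplier -> customers
    for vendor, subs in subcontractors.items():
        for sub in subs:
            dependents[sub].add(vendor)
    seen, stack = {failed}, [failed]
    while stack:                           # iterative DFS; 'seen' guards against cycles
        for customer in dependents[stack.pop()]:
            if customer not in seen:
                seen.add(customer)
                stack.append(customer)
    return seen

def blast_radius(failed, facilities=FACILITIES, subcontractors=SUBCONTRACTORS):
    """Map each affected facility to the sorted business functions it loses."""
    down = impacted_vendors(failed, subcontractors)
    hit = {}
    for facility, functions in facilities.items():
        lost = sorted(f for f, vendor in functions.items() if vendor in down)
        if lost:
            hit[facility] = lost
    return hit

def concentration_ranking(facilities=FACILITIES, subcontractors=SUBCONTRACTORS):
    """Rank vendors by how many facilities an outage would reach (hubs first)."""
    counts = {v: len(blast_radius(v, facilities, subcontractors)) for v in subcontractors}
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))

if __name__ == "__main__":
    for vendor, n in concentration_ranking():
        print(f"{vendor}: {n} facilities affected")
```

In this constructed data, the hosting subcontractor that no facility contracts with directly reaches as many facilities as the claims hub itself, which is why the inventory needs to include subcontractors and not only direct vendors.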

Healthcare groups also need plans to keep key clinical and business work going for up to four weeks or more in case of long outages. Staff must practice how to respond to cyberattacks often, so they are ready and care is not badly hurt.

Cybersecurity Challenges in Rural Healthcare

Big health systems spend more on cybersecurity, but rural hospitals and clinics face special problems. Many use old technology and have small budgets for cyber safety. This makes them easier targets, especially through outside service providers. The Change Healthcare attack badly hurt claims processing for some rural clinics. This caused care delays and financial trouble for them.

Rural healthcare leaders should try to get cybersecurity help like the Cybersecurity Toolkit for Rural Hospitals from the National Rural Health Resource Center. They can also seek funds from programs like the Small Rural Hospital Improvement Program (SHIP). Working with companies like Microsoft and Google can offer cheaper or free security tools and training made for rural needs.

Regulatory and Industry Support

The federal government sees the growing problem of healthcare cybersecurity. In 2023, the Department of Health and Human Services introduced voluntary Cybersecurity Performance Goals (CPGs) to counter common attack methods such as phishing, exploitation of known weaknesses, and stolen login details. The American Hospital Association wants these goals to cover third-party providers too, aiming for a plan that includes the whole industry.

The Cybersecurity and Infrastructure Security Agency (CISA) shares best practices and offers training, alerts, and cybersecurity resources. The FBI’s 2024 Internet Crime Report showed that healthcare faced the most reported cyber threats of any critical infrastructure sector, making constant attention necessary.

The Role of AI and Workflow Automation in Strengthening Healthcare Cybersecurity

New advances in artificial intelligence (AI) and automated workflows help improve cybersecurity and make healthcare work better. For example, AI phone systems like those from Simbo AI can handle front-office calls automatically. This lowers risks from human mistakes or phishing attacks.

Using AI to automate routine communication and appointment tasks frees staff to focus on security and dealing with cyber incidents. AI can spot threats early by watching network activity and flagging unusual events faster than older methods.

AI tools can also help react quickly during attacks. They can isolate affected systems, start backups automatically, and send messages to alert needed people. This helps reduce damage and keeps healthcare running during IT problems.

Using AI automation combined with strong cybersecurity plans helps healthcare organizations deal with ransomware risks. Medical practice leaders and IT managers can protect their systems better while making daily work smoother and keeping patient care going without breaks.

Frequently Asked Questions

What is the current state of healthcare cyber-attacks in 2024?

As of 2024, there have been 386 reported healthcare cyber-attacks, maintaining the elevated rates seen in 2023, which had the highest number of breaches in healthcare history.

How do ransomware attacks impact healthcare?

Ransomware attacks threaten patient safety by shutting down essential systems, causing delays in patient care, and having a cascading effect on community healthcare services.

What was the significance of the attack on Change Healthcare?

The ransomware attack on Change Healthcare significantly impacted every hospital in the U.S., disrupting critical operations like claims and prescription drug processing, ultimately delaying patient care.

What is the trend regarding attacks on third-party healthcare providers?

Attacks on third-party healthcare business associates surged by 287% from 2022 to 2023, highlighting the vulnerability of external service providers.

What new cybersecurity threats are emerging in healthcare?

There is increasing cooperation between nation-state-sponsored hackers and ransomware groups, with geopolitical tensions contributing to a rise in cyber threats against healthcare.

What is the role of the federal government in healthcare cybersecurity?

The federal government is urged to take proactive measures to disrupt cybercriminal activities and provide support during attacks, emphasizing a whole-of-government response.

What are the Cybersecurity Performance Goals (CPG)?

The Cybersecurity Performance Goals (CPG) are voluntary guidelines created by HHS to encourage healthcare organizations to adopt practices that mitigate common cyber threats.

How do CPGs relate to third-party technology providers?

The CPGs are designed to apply to both healthcare organizations and their third-party technology providers to enhance overall cybersecurity measures in the industry.

What support does the AHA offer for healthcare organizations?

The AHA provides resources and collaborates with cybersecurity partners to help healthcare organizations meet the HHS Cybersecurity Performance Goals, along with advisory services.

What was highlighted in the FBI’s 2024 Internet Crime Report?

The report indicated that healthcare faced the most reported cyber threats of any critical infrastructure sector in 2024, underscoring the pressing need for improved cybersecurity.