On July 3rd just before the holiday weekend, Mount Auburn Hospital's IT team identified suspicious activity. Alarmed, they quickly took steps to disconnect the Cambridge hospital's computer system from the internet. They switched from automatic backup procedures to manual ones.
No patient data was compromised, and the Harvard-affiliated hospital was able to continue its normal operations, according to hospital officials. Such attempted phishing attacks are a daily, if not an hourly, occurrence at hospitals all across America. The majority don’t always end as well as Mount Auburn’s did.
More than 80% of medical practices have been the victims of cyberattacks, according to a national survey. Over half reported patient safety concerns from the hacks, and 20% said that their business had been interrupted for more than five hours. “That can be the difference between life and death,” said Wendi Whitmore, a cybersecurity expert and vice president of IBM X-Force, a commercial security research team.
The situation has only gotten worse during the months-long coronavirus pandemic, as more employees switched to working from home, and medical facilities were cash-strapped and stretched thin because of COVID-19. Between March and April, IBM saw a 6,000% increase in spam attacks on information technology systems, leveraging COVID-19, many of them at health care facilities, Whitmore said, describing the situation as a continuous “cat and mouse” game between criminals and institutions.
Whitmore said there’s been a huge increase in security incidents in recent months, climbing by as much as 75% in North America and 125% in Europe and the Middle East.
Seattle Children’s, for example, saw double the normal amount of attempted hacking attacks in March, specifically phishing emails, hunting for someone on the staff who would click on a malicious link and allow malware into the health system's network, said Gary Gooden, chief information security officer at the Washington-based health system. The reason: Hackers can make a lot of money. Globally, cybercrime adds up to billions of dollars a year, Gooden said.
USA Today has the story.