Security News > 2022 > June > Hospitals are for healing humans. But protecting and healing hospitals needs machines

While other businesses worry about reputational damage when they're hit by a ransomware attack, hospitals have to worry about canceled operations and ambulances backing up outside the emergency department.

If an attack does get through, there is immense pressure on hospitals to simply pay the ransom.

"The Irish Health Service Executive has since revealed that recovery costs for the organization were $600m - a shocking sum given the country's population is just over 5 million. Moreover, the subsequent report revealed"several detections of the attackers' activity prior to the detonation of the ransomware, but these "Did not result in a cyber security incident."

US authorities have also noted that hackers are maximizing the impact of their attacks by staging them on holidays or weekends, when office staff, network administrators and security experts are likely to be thinner on the ground - but when a hospital might be at its most stretched.

A ransomware attack on a hospital or medical facility need not result in the shutdown of an entire site or organization - or as in the case of the Conti attack on Ireland, an entire nation's healthcare system.

It's important to note that the only reason the attack got as far as it did, was that Darktrace's Autonomous Response capability was configured in passive mode, meaning positive action to contain the attack was the prerogative of a human.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/06/01/hospitals_are_for_healing_humans/