Abstract
Introduction: The healthcare industry has begun seeing a new hazard develop against them- the threat of cyberattack. Beginning in 2016, healthcare organizations in the United States have been targeted for malware attacks, a specific type of cyberattack. During malware incidents hackers can lock users out of their own network to gain access to information or to hold the organization for ransom. With the increase in medical technology and the need for access to this information to provide critical care, this type of incident has the potential to put patient lives and safety at risk. Methods: A content analysis was conducted to assess the trend of attacks on healthcare organizations. U.S. Healthcare IT News and Becker's Hospital Review were used to collect all publicly reported malware attacks against U.S. healthcare organizations between 2016 and 2017. A fault-tree diagram was also developed to illustrate how hackers gain access to a healthcare network using malware. Results: There were 49 cases of malware attacks against U.S. HCOs identified. The attacks occurred across 27 states, and they took place during 18 out of 24 months. Six of the organizations reported paying ransom, whereas 43 organizations did not pay or did not report payment to the press. Impacts of these attacks range from network downtime to patient and staff records being breached. Discussion: Malware attacks have the potential to impact care delivery as well as the healthcare facility itself. Even though this study identified 49 malware attacks, we know this number is significantly higher based on data from HIMSS and the FBI. A reporting loophole exists in that hospitals are only required to report attacks in the case of breached protected health or financial data. For HCOs to fully understand the risk cyberthreats pose, it is important for attacks to become public information and for lessons learned to be shared. Future research reviewing identified attacks could help identify best practices for the healthcare industry to better prepare for cyberattacks.
Highlights
The healthcare industry has begun seeing a new hazard develop against them- the threat of cyberattack
Even though this study identified 49 malware attacks, we know this number is significantly higher based on data from Healthcare Information and Management Systems Society (HIMSS) and the Federal Bureau of Investigation (FBI)
For Healthcare organizations (HCOs) to fully understand the risk cyberthreats pose, it is important for attacks to become public information and for lessons learned to be shared
Summary
The healthcare industry has begun seeing a new hazard develop against them- the threat of cyberattack. The healthcare industry has been facing a new type of hazard; bad actors have started targeting hospitals and other healthcare facilities for cyberattacks This industry is vulnerable to cyberattacks because healthcare providers depend on up to date information from electronic health data. Healthcare organizations (HCOs) have become much more reliant on health information technology over the past decade Another vulnerability that makes hospitals susceptible to cyberattacks are the out of date cybersecurity systems at many facilities and limited training for staff on safe cyber practices (2). These characteristics combined make HCOs good targets for attack (1, 3)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
