Child nearly dies because of ransomware attack on hospital chain

Hospital Ransomware

Ransomware attacks can often feel distant, or impersonal. A shipping company has some logistics problems, or a regional publishing company loses access to its computers for a bit. While we know these can be devastating financially for businesses (especially for small- or medium-sized businesses who may not carry cyber insurance), it’s still… just business. But a recent story from NBC News shows how ransomware can get a lot more personal, a lot faster.

Child nearly dies in a hospital compromised by a ransomware attack

According to the reporting from NBC News, Kelley Parsi took her 3-year-old son to a hospital in Iowa for dehydration after tonsil surgery. The children’s hospital she took him to, however, had been the target of a ransomware attack some time before they got there.

The doctors were unable to pull up his records or use their normal systems for things like medicine dosing… and Kelley Parsi said her son received 5x the recommended dose of painkillers for her son’s age/weight.

The good news is that her son is fine and made a full and speedy recovery. But, this incident underlines just how personal ransomware can be. Some patients might not be so lucky, and their lives are truly at risk when hospital systems don’t work as designed.

Ransomware more prevalent than ever

In the video, John Riggi, the National Advisor for Cybersecurity and Risk with the American Hospital Association, said that “at this point, the cyber attacks against U.S. healthcare, and ransomware attacks, are at an unprecedented level.”

According to the independent, international CyberPeace Institute, 103 hospital and patient care facilities were the victims of ransomware attacks in 2021, 60 more than in 2020. Put another way, that’s nearly a 240% increase in ransomware attacks against hospitals or other patient care facilities — in a single year!

When asked if the American healthcare system had ever faced an external threat like this, Riggi said, “In terms of cyber, I would say no.”

The takeaway

Cyberattacks, and ransomware attacks in particular, are not some faceless menace only attacking huge, impersonal corporations — their tendrils are making their way into our personal lives and interfering with our actual health. The danger of someone dying from a ransomware-induced complication is not only real but proximate too.

But what does that mean for you, your family and your business?

You don’t have to be a huge hospital to suffer an attack. From a personal perspective, there are several strategies you can use to protect yourself — two-factor authentication on everything, password managers to produce long and complex passwords, a healthy skepticism about everything you see or is sent to you online… But for businesses, there are more systemic changes you can make.

We’ve outlined some of the ways herehere and here. But at the most basic level, partnering with a managed service provider like Leverage to handle your cybersecurity posture can take the headache, uncertainty and fear out of managing a complex and ever-changing threat environment.

If you’d like to learn more about how we might be able to help you and your business, give us a shout — we’d love to show you how we can help keep your business safe.