On February 5, 2017, Hollywood Presbyterian Medical Center, a 434-bed short-term acute care hospital in Los Angeles, became the victim of a cyber attack. Using malware, hackers seized control of the facility’s digital infrastructure, including the computer system, putting lives in danger and forcing the relocation of many high-risk patients.
To restore its system, the medical center paid the hacker a $17,000 ransom in bitcoin. But the penalty could have been far greater. And this scenario demonstrates just how vulnerable many of today’s smart healthcare buildings are to cybercrime.Electric grids are evolving rapidly, disrupted by regulatory changes, distributed generation, renewable portfolio standards, and evolving technology. Energy storage is uniquely positioned at the heart of all of this change. Download Greensmith Energy's White Paper to learn more about improving economics and demystifying energy storage systems.
“The malware locks systems by encrypting files and demanding ransom to obtain the decryption key,” said the medical center’s chief executive, Allen Stefanek. “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.”
The Los Angeles Times reports that since 2010, at least 158 institutions, including medical providers, insurers, and hospitals, have reported being hacked or experiencing breaches in information technology that compromised patient records. In July of 2017, hackers gained access to as many as 4.5 million patient records in UCLA Health System’s computer network.
The disruption of medical services caused by cyberattacks has the potential to be devastating. Blocked access to patient records, laboratory results, and critical patient information could result in lost lives. And according to a report released by the US Department of Homeland Security, the healthcare field remains one of the richest targets for ransomware attacks because of its need for immediate access to patient records.
It seems that the more connected our buildings are, the more vulnerable they become. The interconnected technologies and medical imaging machines that streamline processes and facilitate treatment can also expose healthcare facilities to cyberattacks.
According to security experts, addressing these issues at all levels of the planning, building, design, and deployment stages is more important than ever. In addition, many feel that establishing a digital infrastructure to provide secure platforms would help protect against unlawful system entry. Recently, industry groups such as the Internet of Things Security Foundation (IoTSF) have established working groups to develop standards and industry requirements such as an IoT cybersecurity framework for healthcare buildings and critical infrastructure.
Beyond digital infrastructure, what solutions do you feel would help enhance cybersecurity at healthcare facilities?