I have worked for decades in Healthcare IT, and as you can guess, I have very strong feelings on this. When I posted above at #6, I was in no way hyperbolic or exaggerating for effect.
I have been on vacation for several weeks (first time in nearly thirty years I have been able to do that) and when I saw this title, my heart went into my throat as I scanned the affected regions.
I am posting this because many people are unaware of the threat specifically faced by hospitals.
For those who are unaware, ransomware attacks are the preferred choice of professionals now against hospitals. We are constantly on guard for a host of other types of vulnerabilities, but ransomware attacks are the ones that cause us to lay awake in bed in the dark of the night, and send chills down our spine when we hear of a threat or attack.
They attack hospitals because...they are the most vulnerable to being preyed upon for profit. Many hospitals have paid to resolve the ransomware attacks, because they have to.
And ransomware attackers know this.
There was a hospital in the last several years in my region that was hit with a vicious ransomware attack. They were generous enough to share their experience with people in healthcare, and I was invited with dozens of other people to take part in a videoconference where they discussed it in detail.
The ransomware attack not only encrypted their database and other key components, it sought out backups, and encrypted those too. And it also attacked their network and took that down, IIRC.
In a flash, they were taken back to a time when hospitals used paper requisitions for procedures and had no easy access to prior medical imaging, and no way to view or share current imaging. Their digital dictation was also taken down.
There was no workable “downtime procedure” to prepare them for that scenario as all who listened well understood. It put them out of commission for months, and last I heard and got caught up in my own affairs (and thus did not follow further) they were still not fully back online.
They said it was like the zombie apocalypse, in the beginning, they had to lock the doors to the rooms where the physicians were working to allow them to work, while other clinicians assembled in a group outside the door waiting for test results.
As they discussed it in terrible detail, you could hear the awful emotion in their voices. That experience left a mark on them, knowing people were depending on them to find a way to provide care on the fly, some of them depending with their lives. (I believe they were the only Level I trauma center in the state, so they couldn’t divert to another hospital on many things as might normally be done in an event like this)
My team members who were on that call were similarly affected, and we determined that we were going to find somehow, some way to function, at some level if we ever fell prey to it, but the problems of doing this are so huge in the modern medical environment, and so costly, that we have been unable to do more than discuss prospective solutions. One of my team has written a rudimentary order entry system for our department that we can put on a server off the network that will allow us to place “orders” for tests, put results on them, and print them out to a printer connected directly to the server. We still have not solved image storage and distribution in this situation, but that will likely involve a completely offline system with multiple workstations connected for image interpretation for more than one physician. All bypassing the data closets, or possibly using the same networking wiring to the closets without the advanced switches and such in the closets, because the ransomware attack took those down as well, IIRC.
It is easy to be an observer and say “they should have done this, and they should have done that” but the fact of the matter is...if all these things, visible or not, that we depend on to function go down, your options narrow quite dramatically. And to plan this stuff, for a total disablement of modern infrastructure that depends on networks and communication, is nearly impossible, especially in a healthcare environment. It takes time, money, and resources.
This is something we should all keep in mind. Nobody thinks this will happen to the Internet where everyone is knocked offline. Impossible, they say. Too much redundancy, they say. But if we have a major EMP event, man-caused or naturally caused (similar to the Carrington Event of 1859) the entire world is going to be in big trouble.
My wife and I were observing a trio of young college age students in a very rural college, videoconferencing at a coffeeshop, all of them glued to their phones, communicating and generally completely unaware that there was a world all around them, never mind the person sitting a foot away in their group. I understood their desire to live a different type of human experience, but at the same time, had the sinking feeling that if we did experience a major EMP pulse because of a massive solar storm and the entire Internet went down, people like these kids would be like bugs, on their backs, their legs wiggling helplessly in the air.
We have done so much, to make various forms of knowledge (ranging from fixing a kitchen sink to records of ancient civilizations) available at the touch of a finger, that if technology were removed, we might lose access to ALL of that, as the “hard copy” is thought by many to be unnecessary. I know of large businesses that have completely ignored the concept of “hard copy”.
Honestly, it frightens me a bit.
We all need to be aware of this possibility, and I think the overwhelmingly massive groups of people in developed countries are simply totally detached and unaware of this terrible possibility.
It is disconcerting, and very sobering.
And that is one reason, that we have become so utterly dependent on technology, that I feel that hacking needs to be addressed severely and head on.
There was once a time when piracy was endemic. If you traveled the seas, you had to be aware of any unknown ship appearing on the horizon, because the pirates you would encounter are nothing like the pirates you see romanticized in Hollywood today.
There is a reason we only really see piracy now in places like the Horn of Africa or the coastal seas of some Asian regions-because the world decided to deal with piracy uniformly and severely, to the point of displaying the bodies of convicted pirates in cages at the entrances of harbors around the world, coated in tar to preserve them.
We need to do the same to hackers, and severely punish countries that openly tolerate that activity.
> They attack hospitals because...they are the most vulnerable
Everybody cries victim. I have zero pity for the medical industrial complex. If they paid for competent IT staff to architect and implement systems instead of diversity enforcement directors it could be far less of a risk.
But, you know, priorities.
thanks
Thank you for taking the time to lay out the details. It is a huge deal when a computer system in a hospital goes down. It’s not so easy to just go back to paper. Younger nurses have little experience with that. They are trained and geared toward that. Moreover the baseline is zero. The relevant data went down with the computer so there is nothing to refer to. The chart starts at zero. You may not even have a patient’s name let alone a diagnosis. People who haven’t worked in a hospital are clueless
You laid it out shirt and direct. Thank you
Thank you- you’ve laid out the situation clearly. In my hospital when our phones are down or various software apps are out it’s a nightmare. The snowball effect is in full force. If a doc can’t access STAT test results they’re unable to even consider the next treatment options for the patient. And that’s just one example. Scary. Really scary.