VIDEO: Surface attacks in health care will be a ‘source of constant vulnerability’

ORLANDO — In this video, a presenter at the AIMed24 Annual Meeting talks about growing cybersecurity threats in health care and what strategies could effectively address them.

“I think the growth of what is called the surface attack in the past few years is going to be a solid source of constant vulnerability for the foreseeable future,” Alon Yoav Ben-Ari, MD, MSc, chief medical information officer and associate chief of staff for clinical informatics at Northern California VA Health Care System, told Healio. “It has been at least a decade now that health care systems are being targeted... I don’t see this going away anytime soon.”

According to 2023 HHS data, a 239% increase in large data breaches involving hacking occurred over last 4 years, along with a 278% increase in ransomware.

Ben-Ari underlined the necessity of mitigating surface attacks and “at a minimum, try to have the ability to segment and contain breaches.”

Compliance also contributes to cybersecurity threats, such as in the Change Healthcare data breach “where there was a single server that wasn’t patched properly [and] did not have two-factor authentication,” he added.

“To the extent that compliance issues are mostly human, we could abstract the human out of it and probably would be able to move the dial on that,” Ben-Ari explained, but such a solution is “probably easier said than done.”

References:

• Ben-Ari A. Navigating cybersecurity threats in healthcare: insights, costs, and transformation. Presented at: AIMed24 Annual Meeting; Nov. 17-19, 2024; Orlando.
• HHS’ Office for Civil Rights settles ransomware cyber-attack investigation. Available at: https://www.hhs.gov/about/news/2023/10/31/hhs-office-civil-rights-settles-ransomware-cyber-attack-investigation.html. Published Oct. 31, 2023. Accessed Dec. 18, 2024.