Jason G. Weiss Discusses Recent Ransomware Attack against Hospital

In the article, "Ransomware Attack at Hospital Leads to Patient's Death," HealthcareInfoSecurity reports on a ransomware attack that reportedly was directed at a German university but shut down emergency services at an affiliated hospital, contributing to the death of a patient.

The publication turned to privacy, cybersecurity and data strategy counsel Jason G. Weiss for insight on the attack and what it means for health care organizations.

An attack that apparently targeted a university, but instead crippled an affiliated hospital, "shows a lack of depth and sophistication by the threat actors who did not understand the scope or area of effect of their attack and its ultimate consequences," Weiss said.

"It appears in this case the threat actors did not understand the implications or depth of the ransomware attack they launched, which is, sadly, very common," he added.

According to Weiss, it appears that in this incident, "the threat actors did not understand the 'operational technology' networks used by the university and the effect their attack would have on the university and the hospital."

Weiss told the publication that healthcare facilities are becoming more vulnerable "as resources become more strained by the COVID-19 pandemic. It puts more resource pressures on the healthcare providers and makes them far more susceptible to these types of attacks, since their IT departments are already stretched to capacity by the pandemic."

"It is a perfect storm for threat actors looking to financially exploit healthcare providers in this turbulent period."

Weiss also shared how hospitals and other healthcare provider organizations can take steps to mitigate the risks posed by ransomware attacks.