Last month, a ransomware attack infested 30 servers at a hospital in Düsseldorf, knocking computers offline and forcing doctors to turn away emergency patients. Tragically, one of those patients died while being taken 20 miles to another hospital.
The incident marked the first time that a ransomware attack cost someone their life — but it’s unlikely to be the last such tragedy. Hospitals are increasingly in the firing line as cybercriminals seek to extort organizations, because hackers know that with lives on the line if data isn’t recovered, their demands are likely to be met quickly.
In 2019, a record 764 American health care providers were targeted by ransomware attacks, and organizations collectively paid $7.5 billion to restore lost data. With about three quarters of victims giving in and paying the ransoms, the attacks are a lucrative business for their perpetrators. In fact, cybercriminals are upping their prices: last year, for instance, hackers demanded $14 million to release the data of a group of U.S. nursing homes.
This threat isn’t going away anytime soon, so it’s essential that healthcare providers work to put robust security systems in place. In part, that means educating frontline employees about the need to take proper precautions. But in these stressful times, it simply isn’t reasonable to expect doctors and nurses — whose attention should be fully focused on their patients — to get everything right, all the time.
What’s needed is a way to alleviate the burden that lies on these workers and eliminate human error at the source, by automating as many decisions made by people as possible. An AI tool never gets stressed out or distracted, so using machine-learning systems to handle chores like data classification can help to ensure that medical records and other vital assets get the protection they need. And of course, the more you can eliminate or automate those chores, the more time your employees will have for everything else. That means better care for patients, better compliance with PPE and sanitation protocols — and more time for education around phishing and other critical cybersecurity issues.