• Login
    • Join
  • FOLLOW:
  • Subscribe Free
    • Magazine
    • eNewsletter
    Checkout
    • Magazine
    • News
    • Opinions
    • Top 30
    • Research
    • Supply Chain
    • Device Sectors
    • Directory
    • Events
    • Resources
    • Microsites
    • More
  • Magazine
  • News
  • Opinions
  • Top 30
  • Research
  • Supply Chain
  • Device Sectors
  • Directory
  • Events
  • Resources
  • Microsites
  • Current / Back Issues
    Features
    Editorial
    Digital Edition
    eNewsletter Archive
    Our Team
    Editorial Guidelines
    Reprints
    Subscribe Now
    Advertise Now
    Top Features
    MPO's 2023 Medical Device Industry Year in Review

    The Beat Goes On in the Cardiovascular Device Market

    Medical Manufacturers Gain Support from 3D Printing

    The Intelligent Tools Medical Device Manufacturers Already Own

    MPO's 2023 Medtech Supply Chain Survey
    OEM News
    Supplier News
    Service / Press Releases
    Online Exclusives
    Press Releases
    People in the News
    Product & Service Releases
    Supplier News
    Medtech Makers
    Technical Features
    International News
    Videos
    Product & Service Releases
    Live From Shows
    Regulatory
    Financial/Business
    Top News
    MPO's Most-Read Stories This Week—Dec. 9

    Babson Diagnostics’ BetterWay Achieves Regulatory Milestone

    WhiteSwell Successfully Treats Acute Decompensated Heart Failure in Study

    Everly Health Releases At-Home Collection Kidney Health Test

    Kenco Adds Two to its Life Sciences Division Team
    From the Editor
    Blogs
    Guest Opinions
    Top Opinions
    MPO's 2023 Medical Device Industry Year in Review

    The Beat Goes On in the Cardiovascular Device Market

    Medical Manufacturers Gain Support from 3D Printing

    The Intelligent Tools Medical Device Manufacturers Already Own

    MPO's 2023 Medtech Supply Chain Survey
    Top 30 Medical Device Companies
    Market Data
    White Papers
    Top Research
    A Peek Into the 2028 MPO Summit

    Retail Healthcare Disruptors and Medical Devices

    Six Developments Your Talent Strategy Should Prepare for in 2024

    The Power and Paradox of Never

    Navigating the Q-Sub Program: How Experienced Lab Partners Can Help Streamline Regulatory Submission
    3D/Additive Manufacturing
    Contract Manufacturing
    Electronics
    Machining & Laser Processing
    Materials
    Molding
    Packaging & Sterilization
    R&D & Design
    Software & IT
    Testing
    Tubing & Extrusion
    Cardiovascular
    Diagnostics
    Digital Health
    Neurological
    Patient Monitoring
    Surgical
    Orthopedics
    All Companies
    Categories
    Company Capabilities
    Add New Company
    Outsourcing Directory
    Halkey-Roberts Corporation

    LEMO USA Inc.

    maxon

    Providence Enterprise USA Inc.

    BMP Medical
    MPO Summit
    Industry Events
    Webinars
    Live From Show Event
    Industry Associations
    Videos
    Career Central
    eBook
    Slideshows
    Top Resources
    Telemedicine for Neurology: 5 Benefits of Remote Management

    Machining 101: A Review of Machining Components with a Five-Axis System

    MedTech 2024: Top 5 Trends Shaping a Dynamic Industry

    Early Warning: A Q&A with Abbott's CMO of Heart Failure

    2023 in Review: Medtech's Mega-M&A Is MIA
    Companies
    News Releases
    Product Releases
    Press Releases
    Product Spec Sheets
    Service Releases
    Case Studies
    White Papers
    Brochures
    Videos
    Outsourcing Directory
    Halkey-Roberts Corporation

    LEMO USA Inc.

    maxon

    Providence Enterprise USA Inc.

    BMP Medical
    • Magazine
      • Current/Back Issues
      • Features
      • Editorial
      • Columns
      • Digital Editions
      • Subscribe Now
      • Advertise Now
    • News
    • Directory
      • All Companies
      • ALL CATEGORIES
      • Industry Associations
      • Company Capabilities
      • Add Your Company
    • Supply Chain
      • 3D/Additive Manufacturing
      • Contract Manufacturing
      • Electronics
      • Machining & Laser Processing
      • Materials
      • Molding
      • Packaging & Sterilization
      • R&D & Design
      • Software & IT
      • Testing
      • Tubing & Extrusion
    • Device Sectors
      • Cardiovascular
      • Diagnostics
      • Digital Health
      • Neurological
      • Patient Monitoring
      • Surgical
      • Orthopedics
    • Top 30 Company Report
    • Expert Insights
    • Slideshows
    • Videos
    • eBook
    • Resources
    • Podcasts
    • Infographics
    • Whitepapers
    • Research
      • White Papers
      • Case Studies
      • Product Spec Sheets
      • Market Data
    • MPO Summit
    • Events
      • Industry Events
      • Live From Show Events
      • Webinars
    • Microsite
      • Companies
      • Product Releases
      • Product Spec Sheets
      • Services
      • White Papers / Tech Papers
      • Press Releases
      • Videos
      • Literature / Brochures
      • Case Studies
    • About Us
      • About Us
      • Contact Us
      • Advertise with Us
      • eNewsletter Archive
      • Privacy Policy
      • Terms of Use
    Features

    Ransomware Attacks Push Cybersecurity into the Spotlight—2021 Year in Review

    Healthcare-related cyberattacks more than doubled in 2020, with ransomware accounting for 28 percent of all assaults.

    Ransomware Attacks Push Cybersecurity into the Spotlight—2021 Year in Review
    Michael Barbella, Managing Editor11.10.21
    It should have been a routine birth.
     
    Terrianni Kidd’s final ultrasound, conducted a week before her delivery, showed a healthy baby and normal womb. A seamless end to a trouble-free pregnancy was nigh.
     
    Or so Kidd thought.
     
    There was nothing blatantly amiss at Springhill Memorial Hospital the day Kidd arrived to deliver her child. But privately, the 263-bed acute care facility was contending with a ransomware attack that disabled its computers, wireless devices, and electronic equipment, including life-saving fetal cardiac monitors.
     
    With those monitors dark, the hospital’s labor and delivery staff relied upon proximity and bedside fetal heart monitors to track embryonic health. Kidd was unaware of the change (and cyberattack, actually) during her stay at Springhill Memorial, she argues in a wrongful death/negligence lawsuit she filed against the Mobile, Ala.-based institution last January.
     
    About an hour before Kidd gave birth, her monitor detected an accelerated fetal heartbeat—a symptom indicative of low blood and oxygen levels. The deficiency has various causes, one of which is nuchal cord, better known as umbilical cord around the neck.
     
    Increased fetal heart rates usually result in Caesarean section deliveries because the baby needs immediate treatment. But Kidd had a traditional vaginal delivery on July 17, 2019, giving birth to an unresponsive girl with the umbilical cord wrapped around her neck.
     
    Diagnosed with severe brain damage, acute kidney injury, and other medical conditions, Kidd’s daughter—Nicko Silar—died nine months later after months of intensive care at another facility.
     
    Springhill Memorial, pursuant to published reports, denies wrongdoing, contending it was not bound by Yellowhammer State law to inform Kidd of the cyberattack and did not create a “false, misleading and deceptive narrative” about the incident, as the lawsuit claims. The hospital wants the latter charge dismissed.
     
    The lawsuit is scheduled for trial next fall; if Kidd’s claims are proven, Silar’s death would be the first conclusively tied to a cyberattack. A Kidd victory also would underscore the grave danger posed by healthcare hacking, which has accelerated significantly in recent years.
     
    Healthcare-related cyberattacks more than doubled in 2020, with ransomware accounting for 28 percent of all assaults, an IBM X-Force report concluded. The industry was the seventh-most targeted sector, up from last place in 2019, and accounted for 6.6 percent of all attacks against the top 10 industries, statistics indicate.
     
    Researchers attribute the rise in healthcare cyberattacks to the pandemic and a surge in ransomware exploits against hospitals. “In essence, the pandemic reshaped what is considered critical infrastructure today, and attackers took note,” explained Nick Rossman, global threat intelligence lead for IBM Security X-Force. “Attackers’ victimology shifted as the COVID-19 timeline of events unfolded, indicating yet again, the adaptability, resourcefulness, and persistence of cyber adversaries.”
     
    That inventiveness and persistence has subjected healthcare organizations to a constant bombardment of cyberattacks and related disruptions. Seven of 10 healthcare systems hit with a ransomware attack in the last two years faced delays in procedures and test results, and 65 percent transferred patients more frequently, Ponemon Institute data show. One in five also experienced higher mortality rates.
     
    The numbers substantiate a May FBI warning about the public danger and potential care delays engendered by ransomware attacks against healthcare entities and first responders.
     
    “Targeting healthcare networks can delay access to vital information, potentially affecting care and treatment of patients including cancellation of procedures, rerouting to unaffected facilities, and compromise of Protected Health Information,” the FBI alert stated.
     
    Such consequences are no longer conceptual, though: In mid-October alone, ransomware attacks crippled IT systems at two Indiana hospitals and a 495-bed Israeli medical center, forcing the latter facility to cancel some non-urgent procedures and install alternative computer systems.
     
    Ransomware also disarmed Olympus Corp.’s IT systems in the Americas around the same time, but the endoscopic equipment behemoth escaped unharmed without sacrificing sensitive data. And while Olympus did not disclose its attacker’s identity, ransom notes found on the impacted systems implicated BlackMatter, a new ransomware threat first detected in late July, technology website Bleeping Computer reported.
     
    The rise in ransomware attacks—and their grave repercussions—has spawned a flurry of U.S. FDA guidance and safety communications in recent years. In June, the agency voiced its support for national standards and guidelines addressing a Software Bill of Materials (SBOM), an electronically readable inventory of third-party medical device components. The FDA maintains that SBOMs are key to securing the software supply chain and critical to managing patient safety risks.
     
    “Publicly noted cybersecurity incidents in 2021 include ransomware disabling the Irish Healthcare Service, ransomware disrupting a hospital for weeks, and a fundamentally new problem where ransomware remediation disrupted the cloud services necessary for critical function of cancer radiation therapy rather than simply disrupting electronic health record systems and other, more traditional hospital IT infrastructure,” the FDA said in response to a National Institute of Standards and Technology call for position papers on cybersecurity enhancements. “Such increasingly common ransomware incidents highlight the ungraceful failure of perimeter-based firewalls and the safety consequences of not separating OT from IT by design. Currently, there is no statutory requirement (pre- or post-market) that expressly compels medical device manufacturers to address cybersecurity.”
     
    The FDA is working to fix that oversight, however, by seeking the necessary “legislative authorities” to issue such mandates. Specifically, the agency wants medtech manufacturers to include SBOMs with their premarket submissions, and a strategy for updating and patching security into a product’s design. The FDA also is lobbying for new postmarket authority to require that manufacturers adopt policies and procedures to disclose cybersecurity vulnerabilities in real-time, as they are identified.
     
    “The degree of medical device connectedness has really changed in the last 10 years. The risks have been the same, but the consequences are changing just because of how much we depend on them [devices],” noted Kevin Fu, Ph.D., acting director of medical device cybersecurity at FDA’s Center for Devices and Radiological Health. Appointed to his temporary (one-year) position in early February, Fu is on loan from the University of Michigan, where he is an associate professor and chief scientist at the Archimedes Center for Medical Device Security. Fu and his doctoral students co-founded medical device cybersecurity startup Virta Laboratories Inc.
     
    “Earlier this year [we] entered a watershed moment for medical device security [with] a radiation therapy product. Instead of ransomware randomly disabling access to electronic health records, which is still quite inconvenient, the ransomware in this case, or the remediation process to the ransomware, caused an outage such that patients could not receive that particular therapy from the device,” Fu said. “That was something we haven’t seen before. You can’t have a safe and effective medical device if it’s unavailable. This is the new challenge.”
     
    Assisting the medtech industry with this latest challenge is the Center for Medical Device Cybersecurity (CMDC), an entity that launched earlier this fall at the University of Minnesota (Minneapolis-St. Paul). Founded and partly funded by five large healthcare firms—Abbott Laboratories, Boston Scientific Corp., Medtronic plc, Optum, and Smiths Medical—the CMDC will act as a collaborative hub for discovery, outreach, and workforce training in medical device security.
     
    The CMDC is located within the Technological Leadership Institute, a center within the College of Science and Engineering that focuses on developing leaders in various tech industries. Other CMDC collaborators include the Earl E. Bakken Medical Devices Center, Technological Leadership Institute, and the Office of the Vice President for Research.
     
    “It’s been a sea change over the last 10 to 15 years,” Fu said. “Fifteen years ago, the medical device community was still in the ‘Is this a problem?’ [stage] and it’s clear to me we are no longer in the ‘Is this a problem?’ [stage] but more of a ‘What can the [medical] community do to defend itself now that there are nation-states and organized real-threat actors causing harm and damaging the safety and effectiveness of medical devices?”
     
    Good question, but a difficult one to answer.
     
    Be sure to review the other portions of the 2021 Year in Review feature:

    MDR/IVDR Rollout and Challenges
     
    Supply Chain Struggles for Medtech Manufacturers
     
    M&A Accelerates During the Pandemic
     

    Related Searches
    • Software & IT
    Related Knowledge Center
    • Software & IT
      Loading, Please Wait..

      Breaking News
      • MPO's Most-Read Stories This Week—Dec. 9
      • Babson Diagnostics’ BetterWay Achieves Regulatory Milestone
      • WhiteSwell Successfully Treats Acute Decompensated Heart Failure in Study
      • Everly Health Releases At-Home Collection Kidney Health Test
      • Kenco Adds Two to its Life Sciences Division Team
      View Breaking News >
      CURRENT ISSUE

      November 2023

      • MPO's 2023 Medical Device Industry Year in Review
      • The Beat Goes On in the Cardiovascular Device Market
      • Medical Manufacturers Gain Support from 3D Printing
      • The Intelligent Tools Medical Device Manufacturers Already Own
      • View More >

      Cookies help us to provide you with an excellent service. By using our website, you declare yourself in agreement with our use of cookies.
      You can obtain detailed information about the use of cookies on our website by clicking on "More information”.

      • About Us
      • Privacy Policy
      • Terms And Conditions
      • Contact Us

      follow us

      Subscribe
      Nutraceuticals World

      Latest Breaking News From Nutraceuticals World

      Women in Nutraceuticals Hires Executive Director Rebecca Takemoto
      FDA Issues Interim Response to Nammex’s Mushroom Labeling Petition
      MSM Linked to Improvements in Knee Pain
      Coatings World

      Latest Breaking News From Coatings World

      Weekly Recap: PPG, PPG Asian Paints, AkzoNobel Top This Week’s Stories
      Orion S.A. Has Four Carbon Black Plants Awarded ISCC PLUS
      Peninsula Polymers Acquires New Distribution Center in Indiana
      Medical Product Outsourcing

      Latest Breaking News From Medical Product Outsourcing

      MPO's Most-Read Stories This Week—Dec. 9
      Babson Diagnostics’ BetterWay Achieves Regulatory Milestone
      WhiteSwell Successfully Treats Acute Decompensated Heart Failure in Study
      Contract Pharma

      Latest Breaking News From Contract Pharma

      FDA Approves Bio-Thera's Biosimilar Referencing Roche’s Avastin
      Full-Life Technologies to Build GMP Radiopharmaceuticals Mfg. Facility
      Innovent Biologics, Synaffix Expand ADC Licensing Deal
      Beauty Packaging

      Latest Breaking News From Beauty Packaging

      COSRX’s Latest TikTok Campaign Accumulates 3.2B Views on TikTok
      Christian Louboutin Taps Morgane Martini as Global Makeup Artist
      Shiseido Forms New Venture Fund
      Happi

      Latest Breaking News From Happi

      Diya Beauty & Wellness Acquires WR Group's Retail Brands and North American Sales Division
      Pantone Color of the Year & A New CEO
      When It Comes to Bath and Body Rituals, Consumers Want The Works
      Ink World

      Latest Breaking News From Ink World

      Weekly Recap: Siegwerk, DIC, and Müller Martini Top This Week’s Stories
      Orion S.A. Now Has Four Carbon Black Plants Awarded ISCC PLUS
      BASF Commits to Scope 3.1 Emissions Targets
      Label & Narrow Web

      Latest Breaking News From Label & Narrow Web

      Analyzing the Russian label market, Carter boosts brands and more
      FLAG’s December Lunch & Learn to feature Omet
      UPM Raflatac releases neuromarketing study findings
      Nonwovens Industry

      Latest Breaking News From Nonwovens Industry

      Weekly Recap: New Dates for INDEX 26, Campen Announces Patent Pending Status for Airlaid Trays
      Ginni Strikes Deal to Sell Spinning, Knitting Operations
      Campen Machinery Announces Patent Pending Status for Airlaid Trays
      Orthopedic Design & Technology

      Latest Breaking News From Orthopedic Design & Technology

      ODT's Most-Read Stories This Week—Dec. 9
      Fujitsu, iSurgery Launch Bone Health Promotion Project in Japan
      Wenzel Spine Hires Dr. Robert Gordon as Executive Chairman
      Printed Electronics Now

      Latest Breaking News From Printed Electronics Now

      Weekly Recap: Schreiner MediPharm, GIANCE and PragmatIC Top This Week’s Stories
      Intel CEO Pat Gelsinger to Cover AI During CES 2024 Keynote
      Ciena Invests in US Manufacturing with Flex

      Copyright © 2023 Rodman Media. All rights reserved. Use of this constitutes acceptance of our privacy policy The material on this site may not be reproduced, distributed, transmitted, or otherwise used, except with the prior written permission of Rodman Media.

      AD BLOCKER DETECTED

      Our website is made possible by displaying online advertisements to our visitors.
      Please consider supporting us by disabling your ad blocker.


      FREE SUBSCRIPTION Already a subscriber? Login