How Extreme Weather Events Increase the Risk of Cyber Attacks on Health Systems

Severe and extreme weather events can directly impact the critical services we rely on, from energy and utilities to healthcare. Hurricanes, floods, and heatwaves not only pose a risk to human life; they also expose weaknesses in health systems.

Many healthcare facilities have increasingly turned to the Internet of Medical Things (IoMT) technology to enhance and manage patient care, and the number of IoMT devices in hospitals is expected to exceed 7 million by 2026. Despite the numerous advantages of connected devices, they can create heightened cybersecurity risks. Extreme weather events can further amplify inherent weaknesses in connected devices.

When healthcare facilities understand the connection between extreme weather and increased cybersecurity risks, they can be better prepared, giving them one less critical issue to worry about during a disaster. More than ever, addressing both the physical and cyber aspects of health system resilience is crucial.

Healthcare Cybersecurity Risks and Extreme Weather

Critical infrastructure has long faced increased cybersecurity risks, and healthcare, in particular, has become a favorite target for malicious actors. The past few years have seen a dramatic rise in attacks targeting healthcare systems, where the stakes for downtime and data breaches are high. According to the U.S. Department of Health and Human Services (HHS) Office of Civil Rights, ransomware attacks on healthcare have surged by 264% over the last five years. Cyber attacks like ransomware not only pose a risk to patient privacy — they can also disrupt critical patient care by causing outages or taking connected devices and systems offline.

Extreme weather events escalate cybersecurity risks for healthcare facilities by overburdening emergency response teams and weakening defenses. Healthcare workers are often overextended during weather crises, and facilities may see an influx of new patients. As a result, cybersecurity efforts may be deprioritized or diverted, creating opportunities for threat actors.

A Johns Hopkins study found the combined “double threat” of a cyber attack during a weather event can make regional power outages three times worse. While the study focused on threats to the power grid, such a disruption would likely also impact healthcare services. IoMT devices rely on continuous connectivity to health systems and the cloud for monitoring and data transmission. If a weather event resulted in increased power outages, it could result in network outages, leaving devices vulnerable to cyber attacks when systems reconnect without proper security checks.

How Would a Cyber Attack During Extreme Weather Impact Health Systems?

Threat actors are highly opportunistic and thrive in the chaos and uncertainty that often accompany disasters. Although there has not yet been a documented large-scale cyber attack against a healthcare facility during extreme weather, they have capitalized on natural disasters to launch attacks and cause outages in other sectors.

In 2021, Hurricane Ida in Louisiana left over one million people without power or internet. In the days following the storm, malicious actors launched a “malware attack” on the 24th Judicial District Court, disrupting its database and extending its storm-related closure.

Recognizing the increasing risks posed by cyber threats during extreme weather, the U.S. National Guard has conducted drills to prepare for potential cyber-attacks. In Indiana, these drills include collaboration with healthcare providers. By engaging healthcare providers, the National Guard aims to enhance the stability of critical health infrastructure, ensuring healthcare facilities and professionals are better equipped to respond to emergencies that may be compounded by cyber attacks.

How Can Health Systems Prepare?

Access to healthcare is not merely a service; it represents critical infrastructure whose accessibility and stability are essential for community well-being. The National Cybersecurity Strategy explicitly calls for enhanced protection of critical infrastructure.

IoMT devices have become essential to the patient care experience. They increase care accessibility by providing remote, real-time health monitoring and personalized treatment options. The interconnected nature of these devices, and modern health systems in general, necessitates robust protection.

However, many healthcare facilities face challenges that complicate their ability to secure connected devices. Many facilities struggle with limited device visibility, and staffing shortages can make it challenging to locate, maintain, and update even critical IoMT devices. Data shows that 89% of healthcare organizations experience almost one attack per week for an average of 43 attacks in the past 12 months.

To mitigate the risk of cyber attacks, even during extreme weather events, there are several proactive strategies healthcare facilities can employ.

Regular risk assessments can help identify vulnerabilities in both digital and physical infrastructure. On average, a hospital has between 10 and 15 medical devices per bed, which means a 1,000-bed hospital could have around 15,000 medical devices. To manage an attack surface of this size, healthcare facilities need a complete and accurate picture of all the connected devices on the network, both IoMT and standard IT devices. A purpose-built IoMT management solution can help provide an enhanced level of visibility. Additionally, all devices on the network require robust monitoring to detect and resolve critical vulnerabilities. Using a risk-based approach to vulnerability management, healthcare facilities can identify their most vulnerable infrastructure and harden it against cyber threats.

Having a well-defined cybersecurity plan (also called an incident response plan) can significantly enhance a facility’s ability to respond effectively to cyber threats and maintain operational continuity during crises. The Cybersecurity and Infrastructure Security Agency (CISA) and other federal agencies offer resources that can serve as the building blocks for a comprehensive plan.

How Asimily Helps Secure Health Systems

Extreme weather events will continue to pose a challenge to all industries. However, the convergence of extreme weather and cyber attacks can be mitigated, and taking proactive steps is essential to securing health systems and protecting patients.

By partnering with Asimily, healthcare facilities can safeguard their network against cyber threats. Our platform is purpose-built to provide smart cities with visibility into their entire IoT device inventory, allowing them to make good risk-based decisions about their critical infrastructure.

In the event of an extreme weather event, resources are stretched thin. Our comprehensive cybersecurity approach ensures minimal disruptions to smart city critical services. The Asimily platform, with its rapid response features, quickly captures packets to aid incident responders. 

With Asimily, security teams can keep a handle on their IoT attack surface and ensure they are as safe as possible, providing a sense of reassurance and security.

To learn more about Asimily, download our whitepaper, IoT Device Security in 2024: The High Cost of Doing Nothing, or contact us today.