(NewsNation) — Cyberattacks have played havoc with the bottom lines of companies all over the world. They’re also starting to kill people.
Hackers “want to go attack folks who are going to pay,” said cybersecurity expert David Malicoat. “They want that money as quickly as possible.”
In one case earlier this year, a Michigan woman with low blood sugar went into cardiac arrest and died after a cyberattack targeted the system reporting lab results. A nurse in Kansas said confusing paperwork caused him to nearly give the wrong dose of a drug to a baby in neonatal intensive care.
Both incidents stemmed from an attack on Ascension, a Catholic health care system operating more than 140 facilities nationwide.
Hospitals “know that if they get attacked, they have minutes, hours maybe, to be able to get … back online,” Malicoat told NewsNation’s “On Balance.”
While private and government groups successfully stop most cyberattacks, Malicoat compares it to being a hockey goalie.
“They take hundreds and hundreds of shots … but one or two get by. In cybersecurity, those that get by, those are the hacks. All those attackers have to be is right one time, and they get through.”
In London, several hospitals were crippled by a ransomware attack on the blood testing service Synnovis. The company says it will probably have to destroy thousands of blood test samples because it can’t connect to electronic health records.
While direct danger to patients is still the exception instead of the rule, traditional ransomware attacks are still costing health care systems millions.
Change Healthcare, a subsidiary of UnitedHealth Group, recently paid a $22 million dollar ransom after hackers froze large parts of the firm’s payment and claims processing systems.
Even after paying the ransom, Change Healthcare says it’s offering free credit monitoring to clients who might be worried that their financial and medical records were exposed.