Intelligence officials are telling hospitals not to bypass cybersecurity protocols in a rush to get systems back online after Hurricane Sandy, as hackers could use vulnerabilities caused by the disaster to launch cyberattacks.
“The bad guys are out there and they see all these systems are vulnerable because of the storm. You know there is going to be a lot of emails coming out of people trying to get you to donate money or click links that might download a virus,” said Deborah Kobza, National Health Information Sharing and Analysis Center (NH-ISAC) executive director during a phone interview Friday.
In the Northeast more than 6.4 million people are still without power. Fuel shortages have caused transportation gridlock, and hospitals and healthcare facilities continue working to restore services. Kobza says a cyberattack on healthcare infrastructure right now could have a cascading effect that could further complicate recovery activities.
Anything from data systems and electronic healthcare records to implantable medical devices and life-saving machines could be hacked or manipulated with a targeted cyberattack.
“As we talk to all the healthcare organizations and hospitals, we’re asking them to be mindful or vigilant of any type of cyberattack or anything suspicious coming into their networks,” Kobza said. “We’re just trying to make sure that if there are any denial-of-service attacks or advanced persistent threat attacks or malware or phishing that they let us know immediately so we can get in front of that.”
NH-ISAC, located in the Global Institute for Cybersecurity and Research's Global Situational Awareness Center, is an intelligence sharing operation for healthcare-related critical infrastructure. It’s recognized by U.S. intelligence agencies as the healthcare sector’s communication channel for cybersecurity intelligence, information sharing, and monitoring threats to healthcare infrastructure.
Hurricane Sandy was the first time it activated its National Healthcare and Public Health Cyber Response System, a portal where healthcare facilities can share information with each other and government agencies, including FEMA and DHS, about threats to infrastructure and their experiences mitigating them.
In six months, NH-ISAC hopes to have a national network of volunteers in healthcare organizations who will work as “cyber first responders” to provide information to the Cyber Response System and relay information back to their own facilities. Kobza says they’ve had no problem finding volunteers for the billet.
“Cyber supports everything: Physical Infrastructure, data systems, nuclear power plants. So we’re just trying to raise awareness, especially for the public health sector, to get this cyber response system in place,” Kobza said.
photo by Rosser321/flickr