Remote Access Systems Pose Cybersecurity Risk

Attacks can impact a healthcare system’s ability to provide care.

By Jeff Wardon, Jr., Assistant Editor


Cybersecurity incidents continue to rise as the number of possible attack vectors increases. A press release from ECRI highlights one attack vector of particular interest to healthcare facilities managers: remote access systems. 

Ransomware groups are increasingly targeting vulnerable remote access systems in healthcare, causing significant disruptions, according to a press release from ECRI. These attacks can disable essential technologies and patient data access, hampering a hospital's ability to provide care. Remote access is commonly granted to employees, physicians, vendors and support personnel, creating potential entry points for hackers. 

"The consequences of these attacks can be devastating: vital medical records held hostage, treatment plans in disarray and potentially deadly delays in care," says Marcus Schabacker, president and CEO of ECRI. "Each unchecked vulnerability is a threat to patient safety." 

Related: What Role Does Facilities Management Play in Healthcare Cybersecurity?

ECRI recommends the following precautions to address ransomware attacks on remote access systems: 

  • Make sure that Internet-facing systems, such as remote access systems, are set up securely and updated regularly. 
  • Consider blocking network traffic to internet-facing systems from potential hostile foreign parties that the organization does not do business with. 
  • Regularly audit logs and traffic from remote access systems. 
  • Pay attention to other possible attack vectors, such as phishing and password cracking. 
  • Develop response procedures for ransomware situations and recovery. 
  • Keep a backup and recovery methods for all IT systems. 
  • Talk with legal counsel if a data breach or a ransom demand happens. Considering the payment of ransom will only drive future attacks. 

Jeff Wardon, Jr. is the assistant editor for the facilities market. 



April 17, 2024


Topic Area: Information Technology , Security


Recent Posts

HHS Proposes Changes to HIPAA Security Rule to Enhance Cybersecurity

The proposed changes would enhance cybersecurity protections for electronic protected health information.


Navigating the Healthcare Real Estate Landscape in 2025

Balancing cost-optimization with the need to expand facilities to meet patient care demands and location of facilities impacting employee sentiment are two key trends.


UI Health Care Acquires 20 Mission Cancer + Blood Clinics in Iowa

Mission’s assets were officially purchased on December 31, 2024.


Dignity Health Lassen Medical Clinics Struck by Data Breach

Some information in the Lassen Clinics' records may have been accessed or acquired by an unauthorized third party.


On-Demand Training to Meet Managers' Evolving Needs

Digital training options offer benefits that include increased flexibility and expanded access to critical information.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.