U.S. Lawmakers Weigh Terrorism Designation and Homicide Charges for Hospital Ransomware Attacks

By MRAdmin

The Rising Toll of Ransomware on Patient Care

Ransomware attacks on U.S. hospitals have surged dramatically, with 460 incidents reported in the last year alone, up from 238 the year prior. This figure, cited by former FBI cyber division official Cynthia Kaiser during a House Homeland Security hearing, underscores a relentless campaign against healthcare facilities. These attacks force hospitals to divert ambulances, cancel surgeries, and revert to paper charts, directly disrupting patient care. A University of Minnesota study analyzing Medicare claims data found that ransomware attacks caused at least 47 patient deaths between 2016 and 2021, with in-hospital mortality increasing by 34% to 38% among already admitted patients. Over 20 peer-reviewed papers now demonstrate how these digital assaults degrade care and worsen patient outcomes.

Policymakers are debating whether to classify hospital ransomware attacks as terrorism under federal law, which defines terrorism as violent acts dangerous to human life intended to intimidate or coerce civilians. A terrorism designation could unlock additional government tools, including sanctions, asset seizures, and diplomatic pressure on nations harboring cybercriminals. Simultaneously, some experts and officials argue that prosecutors should consider charging hackers with murder under the felony murder rule when their actions lead to patient deaths. This rule allows defendants to be charged with first-degree murder if their dangerous felony results in another’s death, even without direct causation. Former CISA deputy director Nitin Natarajan believes a multi-pronged approach making attacks more consequential could deter some groups from targeting healthcare.

Challenges and the Need for Stronger Defenses

Prosecuting ransomware-linked patient deaths as murder presents significant hurdles, as clinical outcomes depend on multiple factors, including underlying conditions, staffing, and real-time medical decisions. Errol Weiss of the Health Information Sharing and Analysis Center notes that successful cases would require detailed technical forensics, correlation with medical records, and expert testimony from both clinicians and cybersecurity specialists. Joshua Corman of the Institute for Security and Technology warns that while legal recategorization can be a useful tool, it should not overshadow the need for stronger defenses. Experts emphasize the importance of hardening IT environments, segmenting clinical networks, strengthening identity controls, maintaining tested backups, and exercising incident response with clinicians present to ensure safe care during IT disruptions.

Source: Healthcareinfosecurity
