First, hackers have turned their attention to hospitals in a big way in 2016 with record numbers of attacks, including ransomware attacks that have locked up a number of hospital systems completely.
In some of those cases, patient lives were at risk, which is why the affected hospitals have tended to simply pay the ransom and get their systems back. Unfortunately, that’s not the only reason a fatality is inevitable in the relatively near future.
The second, and infinitely more problematic reason is that we are coming to rely increasingly on “smart” devices such as insulin pumps, pacemakers and the like. The problem with that is simply that these “smart” devices aren’t very smart when it comes to security.
Most of these devices have only the most rudimentary of security features built in, and many don’t have any security at all. This makes them almost laughably easy for hackers to take over, and when they do, they can either shut the devices down or cause them to malfunction in ways that will literally kill the patients who rely on them.
Even if the hackers don’t necessarily intend for this to happen, the viruses they use don’t discriminate. They don’t know or care that there’s a human being relying on the device’s proper functioning for his or her survival.
Recently, the Northern Lincolnshire and Goole NHS Foundation Trust hospitals in both Scunthorpe and Grimsby were infected with a virus that forced them to shut the hospital down and suspend all operations and planned procedures until it could be purged from the system.
In this case, there were a number of trauma and other high-risk patients with procedures planned who had to be rushed to non-infected hospitals. All of the transfers were successful, and no one died in this instance as a result of the virus, but next time, we might not be so lucky.
Hacking was already serious business before this, but it just got a whole lot more serious. Life and death, actually.