HHS Report: Role of automation in cybersecurity attacks

Editor's Note

As cyber attacks on healthcare organizations continue to rise in number, the US department of Health and Human Services (HHS) released a report examining the role of automation in cybersecurity, December 13 Health Care Dive reports.

According to cybersecurity company, Sophos, the percentage of ransomware attacks on healthcare systems nearly doubled to 66% last year.  Healthcare facilities and patients across the nation are impacted by these rising numbers. On December 12, Health Care Dive reported that Common Spirit Health disclosed that more than 623,000 people had their information exposed as a result of the ransomware attack in early October. The attack forced several of their records and payroll systems to go offline at many of its facilities, OR Manager reported on October 26.

With these cyber threats becoming more significant, the HHS released their report, which reveals how criminals are taking advantage of artificial intelligence (AI) when carrying out cyber-attacks. Hackers are using AI technology, such as machine learning-enabled penetration testing tools, AI-supported password guessing and data to enable impersonation on social networking platforms, the report said. They are also using automation to obtain valuable, confidential information such as emails, passwords, credit cards, and personal data.

The report notes that while automated cyber tools were initially created to make online systems more secure, they are also being misused. HHS recommends that healthcare facilities utilize better cyber security practices, including network intrusion monitoring, detecting, alerting, and prevention.

Read the HHS Report.