Healthcare OT Facilities Remain Exposed as Industry Experiences Ransomware Attacks

Last year saw an alarming rise in cyber attacks against healthcare facilities. Ransomware attacks across the globe threatened patient safety and security by locking 68 care providers out of their networks during Q3 last year. Experts fear that patients will be unable to receive critical care at a targeted facility without a holistic whole-facility cybersecurity approach.

Statistics show an alarming trend. Over a 12-month period between 2020 and 2021, 34% of healthcare facilities experienced ransomware attackHackers encrypted data in 65% of reporting hospitals. While 34% of those affected paid to have their data unencrypted, only 69% saw their data actually restored.

Paying ransom doesn’t protect

in early October n attack on Johnson Memorial Health Hospital in Franklin, Indiana, US, locked databases and exposed patient data. Strangely, there were no ransom demands. In early November, an allegedly Iran-backed group, Black Shadow, attacked the Hillel Yaffe Medical Center in Hadera, Israel. The criminals released the personal data of 290,000 individuals. Last month, the Canadian Communications Security Establishment (CSE) warned that the attacks seen this year are exceptionally sophisticated and devastating.

In Newfoundland and Labrador, cyber attacks on the healthcare system forced patients to cancel critical operations and procedures. Over the summer, Humber River Hospital in Toronto suddenly shut down systems to prevent a ransomware attack from unfolding. To restore all facility functions and care capabilities, they manually restarted 5,000 computers and servers, then began running backup programs. CSE discovered that once an organization is hit with a ransomware attack, they are likely to be hit again even if the ransom was paid.

OT becomes vulnerable to hackers

Digital records are not the only target of criminals. Medical devices connected to the Internet and the OT devices used in the Building Management Systems (BMS) are also vulnerable. As healthcare facilities modernize, their legacy OT equipment becomes vulnerable to hackers. Water, HVAC, oxygen, electrical, and other critical systems are connected, yet may fall short of proper cybersecurity monitoring and protection. Newer hospitals are not immune to modern attacks. An exploit of a single vulnerability in digital functionality or OT utility, directly or indirectly, can threaten patient lives.

Related:   New engineering discipline predicted for 2022

“Accessing patient data is worrisome, but the idea of hackers gaining access to components in a specific ward or even a single operating room is alarming,” said Ilan Barda, CEO of Radiflow. “CISOs at facilities should focus on both IT systems and OT environments, starting from risk assessment to threat monitoring. There should be continuous holistic risk management for more mature organizations that combine both IT and OT systems. With Radiflow, teams can monitor  the full range of a healthcare OT security from one central location.”

The US Department of Health and Human Services (HHS) warned about increasingly sophisticated attacks that trended in 2021. Companies such as Radiflow, partnering with MSSPs around the globe, have spent over a decade protecting OT facilities through purpose-driven technologies to monitor complex, always-on systems, such as those found hospitals. “CISOs today need to allocate resources carefully. To optimize their resource allocation, they can use CIARA OT-BAS tool to monitor for weak points and assess their risk exposure,” said Barda.


Founder and CEO at

Leave a Reply

Your email address will not be published.