Hospitals need to be better prepared for a cyberattack against the nation’s power grid

A recent hack at a New York Marriott hotel serves as a wake-up call for hotel security teams.
A coordinated attack on the nation's energy supply would be devastating for hospitals.

Hospitals already have their hands full fighting off sector-specific cyberattacks, but a new warning from researchers indicates the industry needs to do more to prepare for the ripple effects of a cyberattack against the nation’s power grid.

Like the healthcare industry, automation within utility systems has created new cybersecurity vulnerabilities, raising the potential for large power outages that could disrupt the country’s critical infrastructure.

RELATED: HHS task force spells out ‘urgent challenge’ of cybersecurity in healthcare

The threat of a large-scale disruption to power means hospitals and state regulators need to do more to ensure providers can maintain critical functionality, according to a report published by the National Academies of Sciences, Engineering, and Medicine.

“Given the nature of the system, there is simply no way that outages can be completely avoided, no matter how much time and money is devoted to such an effort,” the authors wrote. “The system’s reliability and resilience can be improved but never made perfect.”

The report highlighted specific concerns regarding backup generators at hospitals and called on state regulators to perform “more regular and systematic testing.” Researchers noted that failure rates among hospital backup generators are 10 times that of the nuclear industry.  

Recent global ransomware attacks have locked down healthcare systems in the U.S. and the U.K., but an attack on regional power grids could create broader disruptions to hospital operations.

A report from the Robert Woods Johnson Foundation indicated the healthcare industry is making slow progress when it comes to emergency preparedness, even as hospitals are still overlooking issues tied to a mass casualty. Although hospitals typically have plans for backup power in a natural disaster, a cyberattack on the country’s power infrastructure could create new complications.

Suggested Articles

Nearly 10,000 patients involved in research studies were impacted by a third-party privacy breach that may have exposed their medical diagnoses.

Veterans Health Administration medical facilities currently have a paper medical record backlog that if stacked up would be 5.15 miles high, according to the…

The Department of Health and Human Services announced proposed changes to privacy restrictions on patients' substance use treatment records.