In the wake of two global cyberattacks, the CIO of Penn Medicine is calling for more federal support in the form of criminal investigations to stem the tide of attacks.
Acknowledging the ongoing need for hospitals to train employees, patch software and conduct ongoing breach response testing, Mike Restuccia, CIO at Penn Medicine, argues in an op-ed for Healthcare IT News that the industry needs more support from federal officials and law enforcement to prosecute cybercriminals that cause patient harm.
“International cooperation with agencies across the globe should be expanded in order to bring such perpetrators to justice,” he wrote. “Intentionally disrupting patient care is a serious offense and should be treated as such to adequately safeguard against potential negative patient outcomes of such behavior.”
Restuccia also called for more funding and collaboration with federal agencies to address widespread vulnerabilities outlined in the Department of Health and Human Services Cybersecurity Task Force report. Following the WannaCry attack in May, HHS unveiled a new cybersecurity communications center that has received both criticism and praise.
Bringing cybercriminals to justice could prove difficult, given the fact that large-scale attacks are often traced back to nation states and because law enforcement officials are still learning how to investigate and prosecute perpetrators. In the case of WannaCry, security firms believe government hackers in North Korea were to blame. Last week, ZDNet reported officials in Ukraine arrested a man accused of spreading the Petya malware, but it was unclear if he was a formal suspect in the attack that spread across the globe.