Microsoft and Google will offer free or discounted cybersecurity services to rural hospitals across the United States to make them less vulnerable to cyberattacks that have disrupted patient care and threatened lives, the White House and those tech firms said Monday.
Microsoft said in a statement to CNN that it would provide free security updates for eligible rural hospitals, as well as security assessments and training for hospital staff. Google will provide free cybersecurity advice to rural hospitals and start a pilot program to match the firm’s cybersecurity services with the needs of rural hospitals.
The nation’s roughly 1,800 rural community hospitals are among the most vulnerable to dangerous ransomware attacks because they often lack IT security resources and cybersecurity-trained staff. And they may be the only hospitals within dozens of miles, meaning a ransomware attack that prevents a hospital from accepting ambulances can put patients’ lives at risk.
The new announcement is the result of private discussions between the tech firms and officials at the White House National Security Council who have growing increasingly concerned about cyber threats to hospitals. It’s an effort to use the broad reach of Microsoft and Google’s software, which is used in hospitals across the United States, to help plug a gap in the defense of the health care sector.
“We’re in new territory as we see … this wave of attacks against hospitals,” Anne Neuberger, the top cyber official at the White House National Security Council, told reporters on Sunday.
The Biden administration is also preparing to issue minimum cybersecurity requirements for US hospitals. The details of that proposal have yet to be finalized. But the American Hospital Association, which represents hospitals across the United States, opposes the proposal, saying it would impose penalties on the victims of cyberattacks after they are hacked.
A growing problem
The number of ransomware attacks against the US healthcare sector increased by 128% in 2023 compared to 2022, according to data released by the Office of the Director of National Intelligence. And recent ransomware attacks have brought the sector’s vulnerability into sharp relief.
A February ransomware attack on a major health insurance billing firm cut off health providers from billions of dollars and put some health clinics on the brink of bankruptcy. UnitedHealth Group, whose subsidiary was hacked, paid a $22 million ransom to the hackers to try to recover patient data. One third of Americans may have had their data stolen.
Another ransomware attack, in May, on one of America’s largest hospital chains, put patients’ lives in danger as nurses were forced to manually enter prescription information, multiple nurses at affected hospitals told CNN.
The FBI and its international allies have conducted a series of crackdowns on ransomware gangs, seizing the computers they use and unlocking some of the victim computers that hackers have encrypted. But ransomware remains a flourishing business, in part, US officials say, because many of its perpetrators operate with impunity from Russia.
The health care sector is a particularly enticing target because hospitals under duress to restore patient services are sometimes willing to pay the ransom.
“We do see a much more permissive environment in Russia by both hacktivists and criminals, and it’s of concern,” Neuberger, the White House official, told reporters. “We also see more and more companies paying ransoms. And every ransom payment feeds the beast and drives further attacks.”
Cleveland cyberattack shuts City Hall
Cyberattacks have frequently shut down other vulnerable services.
The City of Cleveland is investigating a cyber incident, according to a statement from mayor Justin Bibb. As a precaution, the city said it closed City Hall Monday, and it will keep City Hall closed Tuesday.
Cleveland also shut down all of its internal systems and software. But city and emergency services like the Department of Public Safety, 911, police, the fire department, ambulances and the Department of Public Utilities, will remain operational, Bibb’s office said. However, the mayor said the emergency services are functioning with limited IT capabilities.
“Over the weekend, the city identified some abnormalities,” Commissioner Kimberly Roy-Wilson, with the city’s Division of Information Technology Services, said. “We have moved into our protocols and procedures with regards to containment and we are now investigating the nature and scope of those abnormalities.”
Bibb would not say how many or which agencies are helping with the investigation.