fbpx
Connect with us

News

As hospitals cope with a COVID-19 surge, cyber threats loom

Inside Telecom Staff

Published

 on

AP-2

By late morning on Oct. 28, staff at the University of Vermont Medical Center noticed the hospital’s phone system wasn’t working.

Then the internet went down, and the Burlington-based center’s technical infrastructure with it. Employees lost access to databases, digital health records, scheduling systems and other online tools they rely on for patient care.

Administrators scrambled to keep the hospital operational — cancelling non-urgent appointments, reverting to pen-and-paper record keeping and rerouting some critical care patients to nearby hospitals.

In its main laboratory, which runs about 8,000 tests a day, employees printed or hand-wrote results and carried them across facilities to specialists. Outdated, internet-free technologies experienced a revival.

“We went around and got every fax machine that we could,” said UVM Medical Center Chief Operating Officer Al Gobeille.

The Vermont hospital had fallen prey to a cyberattack, becoming one of the most recent and visible examples of a wave of digital assaults taking U.S. health care providers hostage as COVID-19 cases surge nationwide.

The same day as UVM’s attack, the FBI and two federal agencies warned cybercriminals were ramping up efforts to steal data and disrupt services across the health care sector.

By targeting providers with attacks that scramble and lock up data until victims pay a ransom, hackers can demand thousands or millions of dollars and wreak havoc until they’re paid.

In September, for example, a ransomware attack paralyzed a chain of more than 250 U.S. hospitals and clinics. The resulting outages delayed emergency room care and forced staff to restore critical heart rate, blood pressure and oxygen level monitors with ethernet cabling.

A few weeks earlier, in Germany, a woman’s death became the first fatality believed to result from a ransomware attack. Earlier in October, facilities in Oregon, New York, Michigan, Wisconsin and California also fell prey to suspected ransomware attacks.

Ransomware is also partly to blame for some of the nearly 700 private health information breaches, affecting about 46.6 million people and currently being investigated by the federal government. In the hands of a criminal, a single patient record — rich with details about a person’s finances, insurance and medical history — can sell for upward of $1,000 on the black market, experts say.

Over the course of 2020, many hospitals postponed technology upgrades or cybersecurity training that would help protect them from the newest wave of attacks, said health care security expert Nick Culbertson.

“The amount of chaos that’s just coming to a head here is a real threat,” he said.

With COVID-19 infections and hospitalizations climbing nationwide, experts say health care providers are dangerously vulnerable to attacks on their ability to function efficiently and manage limited resources.

Even a small technical disruption can quickly ripple out into patient care when a center’s capacity is stretched thin, said Vanderbilt University’s Eric Johnson, who studies the health impacts of cyberattacks.

“November has been a month of escalating demands on hospitals,” he said. “There’s no room for error. From a hacker’s perspective, it’s perfect.”

A ‘CALL TO ARMS’ FOR HOSPITALS

The day after the Oct. 28 cyberattack, 53-year-old Joel Bedard, of Jericho, arrived for a scheduled appointment at the Burlington hospital.

He was able to get in, he said, because his fluid-draining treatment is not high-tech, and is something he’s gotten regularly as he waits for a liver transplant.

“I got through, they took care of me, but man, everything is down,” Bedard said. He said he saw no other patients that day. Much of the medical staff idled, doing crossword puzzles and explaining they were forced to document everything by hand.

“All the students and interns are, like, ‘How did this work back in the day?'” he said.

Since the attack, the Burlington-based hospital network has referred all questions about its technical details to the FBI, which has refused to release any additional information, citing an ongoing criminal investigation. Officials don’t believe any patient suffered immediate harm, or that any personal patient information was compromised.

But more than a month later, the hospital is still recovering.

Some employees were furloughed for weeks before returning to their regular duties.

Oncologists could not access older patient scans which could help them, for example, compare tumor size over time.

And, until recently, emergency department clinicians could take X-rays of broken bones but couldn’t electronically send the images to radiologists at other sites in the health network.

“We didn’t even have internet,” said Dr. Kristen DeStigter, chair of UVM Medical Center’s radiology department.

Soldiers with the state’s National Guard cyber unit have helped hospital IT workers scour the programming code in hundreds of computers and other devices, line-by-line, to wipe any remaining malicious code that could re-infect the system. Many have been brought back online, but others were replaced entirely.

Col. Christopher Evans said it’s the first time the unit, which was founded about 20 years ago, has been called upon to perform what the guard calls “a real-world” mission. “We have been training for this day for a very long time,” he said.

It could be several more weeks before all the related damage is repaired and the systems are operating normally again, Gobeille said.

“I don’t want to get peoples’ hopes up and be wrong,” he said. “Our folks have been working 24/7. They are getting closer and closer every day.”

It will be a scramble for other health care providers to protect themselves against the growing threat of cyberattacks if they haven’t already, said data security expert Larry Ponemon.

“It’s not like hospital systems need to do something new,” he said. “They just need to do what they should be doing anyway.”

Current industry reports indicate health systems spend only 4% to 7% of their IT budget on cybersecurity, whereas other industries like banking or insurance spend three times as much.

Research by Ponemon’s consulting firm shows only about 15% of health care organizations have adopted the technology, training and procedures necessary to manage and thwart the stream of cyberattacks they face on a regular basis.

“The rest are out there flying with their head down. That number is unacceptable,” Ponemon said. “It’s a pitiful rate.”

And it’s part of why cybercriminals have focused their attention on health care organizations — especially now, as hospitals across the country are coping with a surge of COVID-19 patients, he said.

“We’re seeing true clinical impact,” said health care cybersecurity consultant Dan L. Dodson. “This is a call to arms.”


BURLINGTON, Vt. (AP) — By MARION RENAULT and WILSON RING Associated Press

Renault reported from New York.


The Associated Press Health and Science Department receives support from the Howard Hughes Medical Institute’s Department of Science Education. The AP is solely responsible for all content.

Advertisement

We’re a diverse group of industry professionals from all corners of the world. Our desire is to provide a high-quality telecoms publication that caters to an international market, offering the latest and most relevant telecoms information to businesses, entrepreneurs and enthusiasts.

News

Airline CEOs, Biden officials consider green-fuel breaks

Associated Press

Published

 on

Airline CEOs, Biden officials consider green-fuel breaks

Chief executives of the nation’s largest passenger and cargo airlines met with key Biden administration officials Friday to talk about reducing emissions from airplanes and push incentives for lower-carbon aviation fuels.

The White House said the meeting with climate adviser Gina McCarthy and Transportation Secretary Pete Buttigieg also touched on economic policy and curbing the spread of COVID-19 — travel has been a vector for the virus. But industry officials said emissions dominated the discussion.

United Airlines said CEO Scott Kirby asked administration officials to support incentives for sustainable aviation fuel and technology to remove carbon from the atmosphere. In December, United said it invested an undisclosed amount in a carbon-capture company partly owned by Occidental Petroleum.

A United Nations aviation group has concluded that biofuels will remain a tiny source of aviation fuel for several years. Some environmentalists would prefer the Biden administration to impose tougher emissions standards on aircraft rather than create breaks for biofuels.

“Biofuels are false solutions that don’t decarbonize air travel,” said Clare Lakewood, a climate-law official with the Center for Biological Diversity. “Real action on aircraft emissions requires phasing out dirty, aging aircraft, maximizing operational efficiencies and funding the rapid development of electrification.”

Airplanes account for a small portion of emissions that cause climate change — about 2% to 3% — but their share has been growing rapidly and is expected to roughly triple by mid-century with the global growth in travel.

The airline trade group says U.S. carriers have more than doubled the fuel efficiency of their fleets since 1978 and plan further reductions in carbon emissions. But the independent International Council on Clean Transportation says passenger traffic is growing nearly four times faster than fuel efficiency, leading to a 33% increase in emissions between 2013 and 2019.

The U.S. accounts for about 23% of aircraft carbon-dioxide emissions, followed by Europe at 19% and China at 13%, the transportation group’s researchers estimated.

The White House said McCarthy, Buttigieg and economic adviser Brian Deese were “grateful and optimistic” to hear the airline CEOs talk about current and future efforts to combat climate change.

Nicholas Calio, president of the trade group Airlines for America, said the exchange was positive.

“Airlines are ready, willing and able partners, and we want to be part of the solution” to climate change, Calio said in a statement. “We stand ready to work in partnership with the Biden administration.”

By DAVID KOENIG.

Continue Reading

News

Internet disruption reported in southeast Iran amid unrest

Associated Press

Published

 on

Iran Telecom

Iran’s impoverished southeast has been experiencing wide disruptions of internet services, experts said, as unrest gripped the remote province after fatal border shootings.

Several rights groups reported in a joint statement that authorities shut down the mobile data network in the restive province of Sistan and Baluchestan, calling the disruptions an apparent “tool to conceal” the government’s harsh crackdown on protests convulsing the area.

The reports of internet interference come as Iranian authorities and semiofficial news agencies increasingly acknowledge the turmoil challenging local authorities in the southeast — a highly sensitive matter in a country that seeks to repress all hints of political dissent.

Starting Wednesday, the government shut down the mobile data network across Sistan and Baluchestan, where 96% of the population accesses the internet only through their phones, rights groups said, crippling the key communication tool.

After four days of unverified “localized regional network disruptions” amid the protests, NetBlocks, which monitors worldwide internet access, confirmed a new disruption to internet connectivity in the province beginning late Saturday.

“This is Iran’s traditional response to any kind of protest,” Amir Rashidi from Miaan Group, a human rights organization that focuses on digital security in the Middle East, told The Associated Press on Saturday. “Shutting down the internet to block news and pictures getting out makes (authorities) feel more comfortable opening fire.”

The week saw a series of escalating confrontations between police and protesters. Crowds with light arms and grenade launchers descended on Kurin checkpoint near Iran’s border with Pakistan on Thursday, Abouzar Mehdi Nakhaie, the governor of Zahedan, the provincial capital, said in comments carried by Iran’s semiofficial ISNA news agency. The violence killed one policeman, he added.

Earlier this week, protesters attacked the district governor’s office and stormed two police stations in the city of Saravan, outraged over the shootings of fuel smugglers trying to cross back into Iran from Pakistan on Monday. The border shootings and ensuing clashes killed at least two people, the government said. Many rights activists in the area reported higher death tolls without offering evidence.

Iran’s Foreign Ministry spokesman, Saeed Khatibzadeh, vowed Friday to investigate the deaths. Officials insisted that calm had returned to the streets.

The Iranian government previously has cut off internet access and cellphone service in tense times. In the fall of 2019, for instance, Iran imposed a near nationwide internet blackout as anti-government protests sparked by an increase in fuel prices roiled the capital of Tehran and other cities. Hundreds were reportedly killed in the crackdown nationwide.

Given that authorities targeted the mobile network and not the landline in Sistan and Baluchestan, the disruption likely wouldn’t appear on regular network data, said Mahsa Alimardani, researcher at Article 19, an international organization that fights censorship. The area already suffered from unreliable internet connections.

“This targeted shutdown was very intentional because they knew the realities of this province,” where people are poor and use cheap phones as opposed to computers, Alimardani said.

Sistan and Baluchestan is one of most unstable and least developed parts of Iran. The relationship between its predominantly Sunni residents and Iran’s Shiite theocracy long has been fraught. A low-level violent insurgency in Sistan and Baluchestan involves several militant groups, including those demanding more autonomy for the region.

The area also lies on a major trafficking route for drugs and petrol, which is highly subsidized in Iran and a key source of income for smugglers.

DUBAI, United Arab Emirates (AP) — By ISABEL DEBRE

Continue Reading

News

Nevada governor proposes giving tech firms power to govern

Associated Press

Published

 on

Nevada governor proposes giving tech firms power to govern

Nevada’s governor on Friday unveiled a proposal that would allow technology companies to establish jurisdictions with powers similar to those of county governments, arguing the state needed to be bold to diversify its economy and pushing back against those who have likened the idea to company towns.

“This proposal is an exciting, unprecedented concept that has a potential to position Nevada as a global center of advanced technology and innovation, while helping to create immediate positive economic impact and shape the economy of the future,” Gov. Steve Sisolak said of his Innovation Zones idea. “As we’ve learned in the past, an emergency requires us to throw out the tried-and-true, discard the ‘How We’ve Always Done It’ manual and move on.”

Under the proposal, companies developing cutting-edge technologies that have at least 50,000 acres (200 sq. kilometers) of land and promise to invest $1.25 billion could establish “Innovation Zones.” The zones would be governed by a board responsible for overseeing zoning, taxation, law enforcement and other government functions on their land. It would override local county regulations.

The governor’s office of economic development would initially appoint three members to govern the zone, including two required to be from the company.

While the legislation does not specifically mention the company, the proposal is geared toward Blockchains LLC, a cryptocurrency company that owns 67,000 acres of land (270 sq. kilometers) in rural Storey County. Blockchains LLC hopes to build a smart city 12 miles (19 kilometers) east of Reno that would include underground data storage bunkers, 15,000 homes and a research and development park where entrepreneurs could invent applications of blockchain technology.

Blockchain is a digital ledger known mostly for recording cryptocurrency transactions. Local governments have also taken advantage of its secure record-keeping capabilities to document marriage licenses and facilitate overseas voting.

The Innovation Zone proposal has sparked concerns about ceding excessive amounts of power to technology companies. But Blockchains CEO Jeffrey Berns insists that the company’s technology has the potential to empower people to control their digital footprint.

“What we’re trying to build is a place where you have power instead of companies,” he told The Associated Press earlier in February.

An economic impact study commissioned by Blockchains projects the company’s Innovation Zone will create jobs, economic activity and revenue from a tax imposed on transactions made on the blockchain. The study projects Blockchains’ proposal will eventually generate $2.2 billion in direct output annually, about 1.3% of Nevada’s overall economic activity.

But forecasting the economic impact of unproven technology is difficult, particularly because many of the potential applications of the company’s ledger technology have yet to be invented.

Applied Analysis’ Jeremy Aguero, who authored the study, said the projections were based on more than cryptocurrency transactions and encompassed any action on Blockchains’ database made in Nevada or elsewhere. Blockchains, he said, planned to pilot its cryptocurrency in Nevada on industries like cannabis sales or in the gig economy and then expand its applications to other sectors and locations. All of the transaction taxes would be collected by Nevada.

“When we think about it in terms of the revenue estimates that are being yielded, it’s not just related to cryptocurrency. It’s related to any of the transactions that will add a block to the chain,” Aguero said.

Blockchain technology is already used to record financial transactions, store medical records and coordinate supply chain logistics. Sisolak said the purpose of innovation zones is to attract developers to Nevada as they devise new ways to use the technology.

“The applications of the technology are limitless. We cannot even imagine what their technology could be,” he said.

The yet-to-be invented applications are a key reason that Blockchains wants to establish an Innovation Zone. The company and the proposal’s proponents say small jurisdictions are not the ideal governmental bodies to make decisions about new technologies and a massive development that, in Storey County’s case, could increase the population tenfold.

“The traditional forms and functions of local government … are inadequate alone to provide the flexibility and resources conducive to making the State a leader in attracting and retaining new forms and types of businesses,” according to draft legislation.

Some locals disagree. Storey County resident Eileen Gay said that the mechanisms in place for development and project approval protect local interests and the environment.

“Oversight is what makes for safe, well-considered, well-balanced development,” she told county commissioners at a Feb. 16 meeting. “What is to prevent this 800-pound gorilla of a neighbor from swallowing our small neighborhood up?”

Developers may indeed invent new ways to use the digital ledger, but at an August 2020 Storey County Commission meeting, Blockchains lobbyist Matthew Digesti described the company’s proposal as something local governments routinely encounter: a “high-tech business park integrated with a master planned residential community.”

Sisolak said he understood that the Innovation Zones was unconventional, but he said the pandemic had proven that Nevada needs to be bold to diversify its tourism-driven economy. He said government and the private sector needed to work together to induce economy recovery.

“What we’ve been doing has not worked,” he said. “We cannot wait for economic recovery to come to us. We must accelerate and pursue innovative ways to inject Nevada with new and organic economic growth, and more jobs.”

CARSON CITY, Nev. (AP)

Continue Reading

Trending