Effects of Cyberattacks on Public Safety

On the one-year anniversary of CrowdStrike's disastrous crashes that took down millions of computers worldwide, a new study finds 750-plus hospital networks in the US were disrupted. Among those, 200-plus appear to have had outages of patient medical services: staff portals used to view patient health records, fetal monitoring systems, tools for remote monitoring of patient care, secure document transfer systems that allow patients to be transferred to another hospital, “pre-hospital” information systems like the tools that can share initial test results from an ambulance to an emergency room for patients requiring time-critical treatments, and the image storage and retrieval systems that are used to make scan results available to doctors and patients. All of that indicates the CrowdStrike outage could have been a “significant public health issue,” argues Christian Dameff, a UCSD emergency medicine doctor and cybersecurity researcher, and one of the paper's authors. “If we had had this paper's data a year ago when this happened," he adds, “I think we would have been much more concerned about how much impact it really had on US health care.” https://lnkd.in/euynsyMB

🚨 What's Old is New: Lebanon Pager Attacks Unveil Overlooked Cyber Risks 🚨 Recently, Lebanon experienced a series of cyberattacks specifically targeting pager systems—yes, those once-ubiquitous devices many believed were relics of the past. However, these systems remain essential in sectors such as healthcare and emergency services. The disruption caused by these attacks jeopardized critical communication channels, raising significant concerns about public safety. What Happened? These incidents highlight the vulnerabilities even in older, seemingly obsolete technologies. Hackers exploited security gaps in Lebanon’s pager infrastructure, affecting crucial communication networks. While investigations are ongoing, one thing is clear: no technology, regardless of its age or perceived insignificance, is immune from cyber threats. Why Does This Matter? 🔐 Legacy Systems Still Play a Role: Despite their age, pagers and other older technologies continue to serve important roles in industries like healthcare. Unfortunately, they are also susceptible to modern cyberattacks. 💡 A Cybersecurity Reality Check: This event underscores the importance of securing not just the latest and most advanced technologies but all systems, including those that may seem outdated or forgotten. 📊 The Human Impact: When critical communication systems fail, the effects extend beyond technical disruptions. Medical professionals, first responders, and others in essential roles are hindered in their ability to perform critical duties. What Can Be Done? Assess Your Infrastructure: If your organization still relies on legacy systems, take steps to ensure they are secure against modern threats. Employee Education: Equip your team with the knowledge to recognize and respond to phishing attacks and other security risks, regardless of their familiarity with technology. Plan for Contingencies: Even if your systems appear secure, it’s crucial to have a robust response strategy ready for any unexpected incident. For more insights into these attacks and strategies for securing legacy systems, consider exploring these resources: https://lnkd.in/dCcdw_6n https://lnkd.in/dVuSfXbJ This attack serves as a stark reminder for cybersecurity professionals: the old tech often presents the weakest links in the security chain, making them prime targets for exploitation. #CyberSecurity #InfoSec #DataBreach #LegacySystems #LebanonPagerAttack #CriticalInfrastructure #HealthcareSecurity #PhishingAwareness #CyberAwareness #IncidentResponse #CyberAttack #TechRisk #DigitalTransformation #CyberResilience #PagerAttack #RiskManagement

🚨 Ransomware shuts down 14 hospitals. Staff revert to pen + paper. Scam calls follow within hours 😳 That’s what unfolded at Kettering Health (a major health system in Ohio with 14 hospitals and 120 outpatient facilities) before Memorial Day weekend — a stark reminder that healthcare technology is still dangerously exposed to cyber threats. Here’s what we should all be paying attention to: ✅ Healthcare’s digital backbone is fragile. One attack took down a health system serving an entire region — 14 medical centers and 120 outpatient facilities! ✅ Cyberattacks now come with a playbook. Interlock, the ransomware group behind this, doesn’t just lock data — they steal it, leak it, and exploit patient fear to pressure victims into paying up. ✅ Randomware attacks in healthcare are not isolated events anymore. Interlock has also attacked DaVita, Ascension, Texas Tech University Health Sciences Center, and multiple behavioral health and public agencies. Per Federal Bureau of Investigation (FBI) report, the health sector reported more than 440 ransomware attacks and data breaches in 2024 (highest amount of all critical infrastructure sectors) ✅ Scammers moved in fast. Within hours, fake calls mimicking Kettering Health were targeting patients for payment. ✅ Preparedness helped — but only so much. Staff had downtime procedures and quickly pivoted, but canceling procedures and operating without critical systems shows the real cost of reactive cybersecurity. My hot take: This IS NOT just a technology issue — it is a patient safety and public trust issue. If you are in healthcare leadership or health IT, this is your signal: cyber resilience has to be part of patient care planning. Act now! 🔍 What’s one measure you believe every health system should implement this year to guard against ransomware? Please let me know in the comments below - love to learn! #Healthcare #Technology #LIPostingDayMay

Still think ransomware is just an “IT problem”? Consider this: During a ransomware attack, in-hospital mortality goes up about 20 to 35% for patients admitted to a hospital undergoing an attack. Six in 10 health care providers have been hit by ransomware attacks in the last year. In 2020, a ransomware attack forced a hospital in Düsseldorf, Germany, to close its emergency department, and a patient died in an ambulance while being rerouted to another hospital. Also in 2020, a woman sued an Alabama hospital after the death of her newborn baby, alleging that doctors failed to carry out critical pre-birth testing due to a cyberattack on the hospital, which meant the baby was born with the cord around its neck. This led to brain damage and — a few months later — the baby’s death, she argued. And now, hospitals in at least three states are diverting patients from their emergency rooms after a major cyberattack hit their parent company last week. The catastrophic harm ransomware attacks cause to organizations across all sectors cannot be overstated. From a purely financial perspective, the average cost of a ransomware attack is $4.3 million — and that is without paying the ransom. Organizations in every industry are being targeted, which means every organization needs to be prepared. How? Start by asking these questions: -Do we have an incident response plan? -Who is on our incident response team? -Have we drilled our plan in a realistic exercise? -What are our regulatory requirements? -Who is our cybersecurity attorney? -Who is our digital forensics investigation firm? -Do we have adequate insurance? -Are we prepared? If you can’t confidently answer these questions, reach out to the cyber team at Buchanan Ingersoll & Rooney PC. We can help. We are an Authorized Breach Coach law firm. Our attorneys and security engineers specialize in cybersecurity preparedness and incident response and are available to assist 24/7. Experiencing an incident or want to learn more? Email us at cyber@bipc.com #cyber #cybersecurity #ransomware NetDiligence® BLACKOPS PARTNERS Chris H. barricade cyber solutions Chuck Brooks The Cyber Guild Alex Keedy Surefire Cyber Inc. PCS CYBIR Kroll Cyber Risk Acture Solutions Pondurance FBI Cyber Division Cynthia Kaiser Higginbotham Corey H. LookingGlass Cyber Solutions, Now Part of ZeroFox David Eapen Tiffany Yeung Andria Adigwe Kimberly Schriver, MHA, MBA, CMPE RoseAnne Moises Scott M. Angelo Alison King

Many don’t realize that cyberattacks against Critical Infrastructure sectors, can cause more than an inconvenience of a temporary power outage. Critical Infrastructures are a favorite of aggressive Nation State cyber threats. In addition to communications disruptions, power outages, and healthcare billing, these attacks can also seek to disrupt food distribution.   The result – empty shelves and people scrambling to acquire groceries. There is currently a cyber-attack affecting the main grocery retailer in Scotland, resulting in empty shelves for many foodstuffs. (https://lnkd.in/gzkhP2vD) Nothing is as effective at changing people’s attitudes and motivating capitulation than the unavailability of food. It is an age-old strategy used for sieging forts, towns, and even nations. Cybersecurity now protects many of the critical path systems for food production, transportation, and distribution. It puts a different spin on the value of #cybersecurity and how aggressive nations can wreak havoc on the citizens of their adversary. It is something to consider as we move into an age where cyber-attacks are being leveraged as a foreign policy tool. #CriticalInfrastructure #cyberattack

Most ICS/OT cyber security incidents are not publicly disclosed. Most we will never know about. The world has had its fair share of ICS/OT security incidents though. Some with potentially devasting consequences. Some are public knowledge. Here are some you need to know about: 1. Davis-Besse Power Plant Hit by SQL Slammer (2003) This ICS environment was impacted by a worm that was designed to infect unpatched SQL Server running on Windows. Once a system was infected, it would spread to every other infected system on the Internet and its internal networks. The Davis-Besse plant was thought to be air-gapped. It shouldn't have had a connection to any external network. They found otherwise when a limited number of systems were compromised. A vendor had run a data line from the power plant to the vendor's office. The vendor's office had become infected from the Internet. And then that infection went right into the power plant. The real kicker? Davis-Besse is a nuclear power plant. 2. Stuxnet (2010) Stuxnet is known as the first malware designed to infect ICS/OT systems. The malware known as Stuxnet was responsible for physically destroying centrifuges in Iran’s nuclear arms program. Conducted by the United States and Israel, it has been described as "crossing the Rubicon." The incident launched a cyber arms race. Other countries noted there were no repercussions for the attackers on the global stage. And they realized that they needed to step up their cyber game. 3. Ukrainian Blackouts (2015, 2016 & 2022) Russian adversaries targeted power facilities to create blackouts in the Ukraine two years in a row. At night. In the middle of winter. Other similar ICS/OT-related attacks can be observed in the current Russian invasion of the Ukraine. In each instance, the attackers used ICS-specific malware. It was recently announced that the Russians did the same in 2022 without the use of ICS-specific malware. 4. Trisis / Triton (2017) A nation state adversary compromised the SIS (Safety Instrumented System) at a petrochemical refinery in the Middle East. The SIS is designed to act as a failsafe to safely shut down a plant in the event a fault condition is detected. The only reason an attacker would take control over the SIS is to cause an explosion and to do harm and/or kill. 5. Colonial Pipeline (2021) The IT systems at Colonial Pipeline were infected by ransomware. In response, the OT network responsible for the pipeline was taken down. The result was that the largest gasoline pipeline in the United States was down for 10 days. P.S. There are a lot of other important ICS/OT incidents. What would you add?

In the past five years, we’ve seen a sharp increase in cyberattacks targeting the water and wastewater sector (WWS), infrastructure which is critical to both the safety of our citizens and the health of our environment. In fact, these utilities are decentralized and operated by more than 100,000 public and private entities, many of which lack the funding and expertise to properly prioritize cybersecurity. This presents a significant challenge for cyber defense. The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and US Environmental Protection Agency (EPA) recently issued a new incident response guide for the WWS (https://lnkd.in/ezbRCDp5) This guidance is great to see – in particular, its last point on multistakeholder cooperation. To that end, Microsoft and the Cyberspace Solarium Commission 2.0 (CSC) released key recommendations including: • Resourcing federal and state-level funding • Adopting cyber hygiene practices, like multifactor authentication • Building relationships with local field offices for incident reporting and response • Participating in information-sharing forums across water sector organizations Securing our critical infrastructure and protecting our water systems affects us all. I encourage you to read the full report to dive deeper into the roundtable findings and complete recommendations: https://lnkd.in/ekUQ-R5J #Cybersecurity #NationalSecurity #WWS #Infrastructure #IncidentResponse #CISO

'Attacks on infrastructure have the potential to cripple the daily lives of millions, with hospitals and businesses at risk, as well as millions left without access to bank accounts or power. The number of attacks on utilities has quadrupled since 2020. When you consider the heightened physical threat, such as the sabotage of internet cables, there is potential for devastating damage... ...Research suggests that in the event of an attack, it’s most likely that electrical power facilities would be the first target, with railroads, communications, and manufacturing facilities behind. These are, of course, calculated scenarios - but the rise in cyber attacks highlights the need to invest in cyber security now more than ever.' https://lnkd.in/g6WcuMUS

Ukraine’s national railway operator was just hit by a cyberattack that took its ticketing systems offline.    It didn’t stop the trains. But it didn’t have to.   The fallout was immediate: ⏳ Long lines at ticket booths 📉 Overcrowding and delays ⚠️ Strain on staff and infrastructure   The goal isn’t always destruction. It’s disruption. And in this case, mission accomplished. A single well-timed attack on a critical system can delay essential services, stretch response teams, and reveal how easily day-to-day operations can be thrown off course, especially during a crisis like Ukraine is experiencing.    Incidents like this are a reminder that cybersecurity can no longer be limited to IT. It’s a matter of national resilience — and we need to start treating it that way or stories like this will become all too common.   #CyberResilience #CriticalInfrastructure #ZeroTrust #TransportationSecurity #CyberAttack   https://lnkd.in/gGhPCBGx

BAND-AID SOLUTIONS WON'T CUT IT: This week's cyberattack on American Hospital Dubai, where the Gunra ransomware group claims to have exfiltrated 450 million patient records, is a stark reminder of the global nature of cybersecurity threats. Despite occurring overseas, this incident has significant implications for Americans. Some quick highlights tonight: Point #1: The Global Interconnectedness of Healthcare Systems -- A breach in one institution can expose vulnerabilities that may be exploited in others using the same systems, potentially compromising patient data across borders. Point #2: It has set a Precedent for Future Attacks -- The Gunra ransomware group, emerging in April 2025, has already claimed 12 victims across various sectors, including real estate, pharmaceuticals, and manufacturing. Their rapid expansion and willingness to target healthcare institutions underscore a growing trend that could see more U.S. entities in their crosshairs. Keep on eye on these guys, they are expanding quick like! Point #3: Various Economic and Reputational Risks -- Cyberattacks on international institutions can have cascading effects on global markets and the reputation of associated entities. U.S. companies with partnerships or affiliations with affected organizations may experience financial losses, legal challenges, and damage to their brand integrity, often dooming a company with a shredded reputation. So, yeah, Americans, whether at home or abroad, are not insulated from the repercussions of incidents like this one. It is imperative for individuals, organizations, and governments to recognize the interconnected nature of digital infrastructures and to collaborate in strengthening cybersecurity defenses worldwide. https://lnkd.in/gRdVea2f #AUGURYIT