Health And Emergency Services Face Increased Cyberattacks

An illustration of cybersecurity concept with people, shield, lock, and digital elements.

January 4, 2023 | Hannah Pittman

Also, learn about new government guidelines including the ‘311’ Plan in the works from CISA

Recently, public entities have found themselves on the receiving end of cyberattacks due to a combination of factors that make them appear vulnerable and easy targets to cybercriminals.

Cybercriminals know that public entities provide essential public services while some—especially smaller organizations—have little or no IT support. Specifically, health services, ambulance and EMS, and 911 districts have found themselves facing an onslaught of cyberattacks.

911 Districts

Cyberattacks on 911 centers have cost these organizations a large, unforeseen amount of time and money to recover. New generation (NG) 911 systems have gained popularity over the past few years – they are implemented to make emergency responses smarter, faster, and more resilient, as well as provide upgraded equipment and software vendors.

The move to incorporate NG 911 only makes 911 centers more vulnerable due to the introduction of “an Internet protocol-based mesh network to handle multimedia data” including IP addresses which are target gateways for potential cyberattacks.

Annual assessments from third-parties to test a center’s NG 911 is essential for evaluating how well protected their system is.

Ambulance/EMS Districts

Recent reports of cyberattacks on EMS (Emergency Medical Services) providers have been followed by data breaches of service users. New York’s Empress EMS disclosed an attack and breach of information earlier this year.

The hackers performed a double-extortion ransomware attack – they gained personal information from customer files and threatened to expose them if Empress did not pay a ransom to the attackers.

Health Services and Hospital Districts

Astronomically rising cases of COVID-19 led to many hospitals reaching patient over-capacity. Inadvertently, this created an opportunity for hackers to take advantage of the vulnerable security systems in place at these facilities when the focus on the treatment of an unforeseen number of patients became more urgent than ever.

Health IT is a large interconnected system using wireless technology – making them more vulnerable to cyberattacks. Several instances of cybersecurity breaches have been reported since March 2020, including ransomware attacks, the downing of critical systems, and attacks against major health organizations like the World Health Organization and the U.S. Department of Health and Human Services.

Health Care Systems are being attacked for a few reasons. Some cybercriminals seek to exploit vulnerable systems because of profit motivation. They also perform personal cyberespionage attacks to get information relating to tests and vaccines for intellectual property to have an upper hand in competition for a cure.

CISA & New Government Guidelines

The Cybersecurity and Infrastructure Security Agency (CISA) has announced their plan to create a ‘311’ cybersecurity emergency call line for small businesses with limited available finances, providing before and immediate-upon-attack cybersecurity training.

Additionally, education and training for students on basic cybersecurity would provide additional prevention measures for cyberattacks creating a “cyber civil defense” force.

A national cybersecurity alert system would further allow for more effective location tracking and size of the cyberattack threat facing a region. As a result of recent global ransomware attacks, organizations across sectors have come together to discuss formal across-organization procedures of how these attacks can be mitigated in the future.

Recently, the FBI and CISA implemented the Joint Ransomware Task Force, created to focus law enforcement actions on ending ransomware attacks for U.S. organizations.

Following a committee with CISA, the White House passed new cybersecurity guidelines with the purpose of protecting and improving the security of the software supply chain to federal agencies.

Three major guidelines will be implemented moving forward:

The National Institute of Standards and Technology (NIST) will be responsible for software accreditation.
Private vendors selling software to state and federal entities and agencies must have accreditation.
Agencies must ensure inventorying of all software in 90 days. Further, accreditation for critical and non-critical software must be furnished within 270 and 365 days, respectively.

The Biden Administration plans to increase efforts to push last year’s May 12th executive order beyond what it was intended for – strengthening America’s defense against cyberattacks.

New methodology for defense against cyberattacks include protecting against attacks from other countries, prioritizing and modernizing cybersecurity to improve, prevent, detect, assess, and remediate cyberattack incidents, and eliminate communication barriers to improve the movement of information between major agencies—namely the Intelligence Community (IC), CISA, and the FBI but also other agencies that are integral parts of federal cybersecurity procedures.

Upon evaluation that federal agencies are using obsolete, ambiguous, and inadequate security software, President Biden’s executive order called on NIST to provide oversight for the quality of new software.

Furthermore, CISA guidelines are enforcing a “compartmentalized administrative environment, trust relationship audits, and multi-factor, risk-based authentication” across agencies. Under the executive order, all agencies must purchase software from a NIST-approved list, obtain cybersecurity information and approval for existing software, and carry out performance assessments and updates to maintain NIST-approval.

Put Your Staff on Alert

Cybersecurity is a team effort – not just an IT responsibility. It impacts the mission, business, safety, and programs of every organization.

One of the best tools at any organization’s disposal is their staff, supervisors, and managers, since even the most secure system can still be breached if employees are not aware of the risks they pose.

eRisk Hub cyber resource portal is available to all organizations and employees that are a member of the CSD Pool. You can access individual training, tips for personal cybersecurity, and cyber webinars. For more information on how to sign up and get your staff access, visit www.csdpool.org/erisk-hub.

Website Accessibility Statement

Colorado Special Districts Property and Liability Pool (the "District") is committed to ensuring that its services are accessible to all members of the public. As part of this commitment, the District strives to provide an accessible website compatible with the Web Content Accessibility Guidelines (WCAG) version 2.1, AA, and commercial screen reading software. Features of the website are created to allow individuals with vision and other impairments to understand and use the website to the same degree as someone without disabilities.

If you need any special assistance or accommodations:

Contact our compliance support team via telephone at: (888) 765-1970

Ongoing Compliance Information

Compliance Coordinator

The District has designated a Compliance Coordinator for website disability-related accommodations. The Compliance Coordinator has received training in website accessibility and updates the site in accordance with those best practices and requirements.

Compliance Procedures

The District is working to ensure all website content complies with the Americans with Disabilities Act and controlling State laws. In an ongoing effort to continually improve and remediate accessibility issues, the website is regularly scanned to ensure ongoing compliance, and timely changes are made to any inaccessible content if found.

Accessible Documents Policy

The District is committed to providing all documents hosted on the website in an accessible format or making accessible alternatives available.

Linked Documents and Third Parties

Please note that this site may link out to third-party websites that do not have accessible content. This site may also include documents provided by third parties. While we cannot control the accessibility of content provided by third parties, we are happy to assist any member of the public with reading and accessing content on our site.

Report a Website Accessibility Issue

We are committed to your ability to access all content, and we will respond to all requests in a timely manner. If you need assistance or accommodations while accessing content on this website, please contact our Compliance Coordinator via the form below: