advertisement

The U.S. government says it will commit millions to prevent future breaches and ransomware attacks on the healthcare sector.

The Change Healthcare and Ascension cyberattacks were disastrous. Can $50 million stop the next breach?

[Images: Artystarty/iStock/Getty Images, Alexas_Fotos/Pixabay]

BY Grace Snelling1 minute read

This February, the UnitedHealth subsidiary Change Healthcare was attacked by hackers, causing a nationwide outage of the network with huge ripple effects for doctors and patients.

Three months later, the U.S. government is stepping in to commit more than $50 million toward preventing future cyberattacks on the healthcare industry. Here’s what you need to know:

Sensitive health data in the spotlight

As one of the largest health payment processing companies in the world, Change Healthcare handles around 15 billion claims each year. When the server went dark earlier this year, many healthcare providers were unable to communicate with insurance companies, leading to billions of dollars worth of disrupted payments and limited care for patients. The breach likely leaked the personal data of up to one in three Americans. 

Then, this month, the healthcare network Ascension was also brought offline by hackers. The quick succession of these major breaches has shown that the healthcare sector is a prime target for cybercriminals, and U.S. health officials announced today that they plan to take a stand to combat the issue.

What the government is doing

A federal investment of $50 million will be allocated to organizations that can build tools to protect internet-connected hospital equipment from ransomware. The goal of the program, named the Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE), will be to create an autonomous cyber-threat solution that can adapt to many devices and diverse hospital environments. 

“UPGRADE expects to bring together equipment manufacturers, cybersecurity experts, and hospital IT staff to develop a tailored and scalable software suite for hospital cyber-resilience,” the initiative’s website reads. “This broad effort intends to secure whole systems and networks of medical equipment to ensure mitigations can be deployed at scale.”

The UPGRADE program will be headed by ARPA-H, an agency under the Department of Health and Human Services (HHS). According to Andrea Palm, HHS deputy secretary and department lead on cybersecurity work, the destructive potential of healthcare cyberattacks necessitates this broader intervention.

PluggedIn Newsletter logo
Sign up for our weekly tech digest.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Privacy Policy

ABOUT THE AUTHOR

Grace Snelling is a contributor for Fast Company with a focus on product design, branding, advertising, art, and all things Gen Z. Her stories have included an exploration into the wacky world of water brandinga chat with Questlove about his creative-centric YouTube series, and a look into Wayfair’s first-ever physical store More


Explore Topics