Home » Education & Events » Upcoming Programs & Events

WEBINAR: The Evolving Threat of Cybercrime in Hospitals: A Briefing for Leaders
Thursday, September 21, 2017

1:00 - 2:30 pm

$199 MHA Member Rate
$299 Non-member Rate

Printable Registration Form.
Register Online
Event Contact 

Program Overview

Cybercrime in hospital settings has evolved in a dangerous fashion. According to a report released by the Ponemon Institute earlier this year, 90 per cent of health care organizations suffer data breaches. Close to 45 per cent of all data breaches in the industry are due to criminal activity such as nation-state cyber espionage units, ransomware, malicious insiders, and physical theft of patient information, clinical research and pharmaceutical formulations.

Last October Johnson & Johnson warned that one of its insulin pumps was at risk of being hacked via wifi . In February, cyber security  firm Kaspersky Lab revealed it had hacked into a hospital’s IT infrastructure — with its permission — and was able to access an MRI device. Hospital HVAC systems are at risk, as well as entry and exit systems. Keycard systems are being remotely hacked, opening the door to potential breaches.

Three new factors are accelerating the problem — 1) Ransomware is increasingly being written to execute Javascript instructions, which means viruses can be hidden in PDFs and browsers. 2) The people that write this malware are now offering it out on commission, taking a cut of the ransom as opposed to attacking targets themselves. This means the number of people putting out ransomware expanding dramatically. 3) Social media profiles (ie LinkedIn) of hospital employees are being “scraped” to fine tune targeting of phishing emails.

This up-to-date session 1) examines recent cybercrime occurrences across both hospital software and devices, 2) how they happened, and 3) gives you steps to take to lessen the chance of one of the new breed of attacks at your institution.

Ron presents this new research in a very visual manner that is clear and to the point, with minimal geek-speak.

At the completion of this program, participants will understand:

• How healthcare cybercrime is evolving and why healthcare is a tempting target.

• Recent cybercrime instances in health care institutions.

• Potential medical device hacks, and their effect on patient safety.

• New threats presented at the Blackhat conference (such as use of drones to detect hospital networks) • Can HVAC systems be hacked?

• Can other equipment, with an IP address, be hacked?

• What a ransomware attack looks like in real time.

• Potential future patient safety issues.

• Mac and Linux vulnerabilities, as well as PCs.

• What can health care institutions do to prevent cybercrime?

• How hackers harvest hospital employee data from LinkedIn profiles.

• How employee education is a superior preventative.

• Seven practices all employees should know to prevent cybercrime.

Faculty Ron Galloway

Ron Galloway is a researcher and filmmaker. He studies the disruptive effects of new technologies in finance and healthcare. He has a B.S. of Industrial Management from Georgia Tech. He was a research analyst for Smith Barney from 1985 until 1995, and then founded Method Research, an institutional research firm. He is the author of "Ambient Intelligence," a study of the integration of sensors and data mining. He has produced 4 films and written 2 books. He has presented his research at nearly all state hospital associations. His film “DisInnovation” will be released in May 2017.

Ron directed the business documentary ‘Why WalMart Works,’ which was the first film to ever premiere in the U.S. Capitol Building. He has been featured on CNN, CNBC, MSNBC, BBC & ABC World News Tonight. Print coverage includes the NY Times, Wall Street Journal, and the New Yorker. He was featured on Jon Stewart’s Daily Show.



FAX 781-262-6136

MAIL - Check Payable to MHA
MHA Education Department
500 District Ave
Burlington, MA 01803-5096

*Please remember the registration fee includes one connection per registered facility.  An unlimited number of staff can gather in one room to “attend” the webinar.  Additional line connections will be billed accordingly.