Health care providers fight life-threatening cyberattacks as criminals deploy AI tools

Artificial intelligence can help health care organizations strengthen their cybersecurity and prevent data breaches, but generative AI tools such as chatbots and large language models may present added risks.

Providers should evaluate and test the systems before introducing them, experts say.

Cybercriminals are using AI to develop more sophisticated malware that will identify vulnerabilities in systems, potentially enabling them to automate attacks against specific targets, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association in Washington.

AI is also used by cybercriminals to develop phishing emails, some accompanied by deep fake audio or videos, to impart a sense of trust to unwitting recipients, Mr. Riggi said. 

Risk managers must strike a delicate balance between the opportunities and the risks of AI, said John Farley, New York-based managing director of the cyber practice at Arthur J. Gallagher & Co.

“Malicious actors are using AI as a launching pad for misinformation campaigns, so if you’re an organization relying on the output of an AI system, how do you know that information vacuumed up by the AI system is credible and not launched by a malicious actor?” Mr. Farley said.

Cyberattacks can result in financial, reputational and physical harm, especially in health care, and policyholders should be aware of exclusionary language for certain types of loss, he said.

“Look at lost business, extra expenses, bodily injury, property damage, and figure out which policies have the broadest scope of coverage. Not all policies are going to exclude property damage or bodily injury as a result of a ransomware attack 100% of the time. However, many will exclude it,” Mr. Farley said.

Ransomware attacks are increasingly disrupting health care delivery, shutting down life-critical medical technology and encrypting data and systems that are essential to sustaining life, Mr. Riggi said.

“It’s quite common now for ransomware attacks to result in the diversion of ambulances carrying urgent need — stroke, heart attack or trauma — patients, and for surgeries, radiation oncology and other significant health care services to be canceled,” he said. 

The U.S. government considers the health care industry to be critical infrastructure, and any ransomware attack against critical infrastructure that threatens public health and safety will be prioritized at the same level as a terrorist attack, he added.

In May, the World Health Organization said greater caution is needed around AI-generated large language models in health care.

“Precipitous adoption of untested systems could lead to errors by healthcare workers, cause harm to patients, erode trust in AI and thereby undermine [or delay] the potential long-term benefits and uses of such technologies around the world,” the WHO said in a statement.