Skip to main content
  • Home
  • About
  • Faculty Experts
  • For The Media
  • ’Cuse Conversations Podcast
  • Topics
    • Alumni
    • Events
    • Faculty
    • Students
    • All Topics
  • Contact
  • Submit
STEM
  • All News
  • Arts & Culture
  • Business & Economy
  • Campus & Community
  • Health & Society
  • Media, Law & Policy
  • STEM
  • Veterans
  • University Statements
  • Syracuse University Impact
  • |
  • The Peel
  • Athletics
Sections
  • All News
  • Arts & Culture
  • Business & Economy
  • Campus & Community
  • Health & Society
  • Media, Law & Policy
  • STEM
  • Veterans
  • University Statements
  • Syracuse University Impact
  • |
  • The Peel
  • Athletics
  • Home
  • About
  • Faculty Experts
  • For The Media
  • ’Cuse Conversations Podcast
  • Topics
    • Alumni
    • Events
    • Faculty
    • Students
    • All Topics
  • Contact
  • Submit
STEM

Medical Ransomware Attack Could Spell Disaster, Deaths During Pandemic

Tuesday, September 29, 2020, By Daryl Lovell
Share
Cybersecurity

Universal Health Services is working to get back online after facing what could be the largest medical system cyberattack in U.S. history. UHS officials have not confirmed it was ransomware but did issue a statement that its system is currently down due to an IT security issue.

Two Syracuse University professors and cybersecurity experts offer comments on the latest developments.

********************

Shiu-Kai Chin is a professor of electrical engineering at Syracuse University’s College of Engineering and Computer Science. His research interests include computer security, cybersecurity and systems assurance. He says now is not the time to play the blame game. Instead, officials should do a system-wide assessment to match safety and security expectations.

Chin says:

“Hospital operations epitomize mission-critical functions. There is a real danger of unacceptable losses happening in terms of patient injury and death.

“The key to preventing future losses is to adopt a mission-assurance mindset combined with systems thinking.  What a mission-assurance mindset means is: Avoid the blame game, which focuses on finding the one person whose head will go on a platter, or the single component responsible for the entire denial of access to patient records. Safety and security emerge out of the combined efforts of all involved. Safety and security cannot be created by one component or subsystem. At a minimum, it requires a controlled process and a controller operating together within system-wide constraints that match the safety and security expectations of the system’s stakeholders.

“We need to stop admiring the problem, i.e., stop focusing entirely on ransomware. Fixing ransomware alone will not assure the hospital’s mission. We need to identify mission-essential functions, e.g., timely, accurate, and precise knowledge of patient and hospital status, identify scenarios where these functions could be compromised, i.e., wargame the scenarios, and devise mitigations and/or adjust operations and decision-making processes prior to the next attack or accident.

“Moving forward, necessary questions are: What circumstances combined with hospital operating conditions can bring about the loss of mission-critical functions leading to unacceptable losses?; What are early indications and warnings that we are operating in a hazardous state that could lead to unacceptable losses; And based on wargaming, what mitigations or plans do we have to manage ourselves out of a hazardous state to prevent or minimize unacceptable losses?”

********************

Lee McKnight is an associate professor at the Syracuse University School of Information Studies (iSchool) whose research specialty includes cybersecurity. Prof. McKnight, who will present at the 2020 Cybersecurity Symposium for Smart Cities Oct. 14-16, says architectures and new community awareness efforts are needed to build cyber-physical security resilience.

McKnight says:

“I felt sick to my stomach when I learned of the Universal Health Services ransomware attack.

Turning hospitals back to 1950s paper-based operations, during a pandemic, will cause people to die in spite of best efforts ad back-up plans. UHS is a huge operation with 90,000 employees now working on their penmanship.

“The need for a new secure cloud architecture approach for security, privacy, rights and ethics cloud to edge as we have been developing in public-private partnership with City of Syracuse, NIST, and many firms and community organizations nationwide and worldwide, becomes more obvious every time poorly architected (for 2020) legacy systems without access control and least privileges by design bring down a company.

“The consequences of non-compliance with ransomware attackers’ demands are growing more extreme. Even as Universal Health Services struggles to restore systems, the Clark County (Las Vegas) School District is also suffering a ransomware attack. Students’ grades and personal information has been released to the Dark Web as punishment for the District not complying with their financial demands.

“Fortunately, data backups of medical information limit the damage in the UHS case. And patient records are kept in a separate system that was not accessed, so their systems do have some cyber-physical resiliency by design. But that’s not enough in the UHS case to regain control of key healthcare systems from hackers.

“Since for both schools and healthcare systems like Universal Health Services, as well as city governments, and small and large businesses, cyber-business as usual is just too easy for the hackers to take over. New architectures and new community awareness efforts are needed to build cyber physical security resilience.”

 

 

To request interviews or get more information:

Daryl Lovell
Media Relations Manager
Division of Marketing and Communications

M 315.380.0206
dalovell@syr.edu | @DarylLovell

The Nancy Cantor Warehouse, 350 W. Fayette St., 4th Fl., Syracuse, NY 13202
news.syr.edu | syracuse.edu

Syracuse University

  • Author
  • Faculty Experts

Daryl Lovell

  • Shiu-Kai Chin

  • Lee W. McKnight

  • Recent
  • Lender Center New York Event Gathers Wealth Gap Experts
    Wednesday, July 30, 2025, By Diane Stirling
  • After Tragedy, Newhouse Grad Rediscovers Her Voice Through Podcasting
    Wednesday, July 30, 2025, By Chris Velardi
  • Back-to-School Shopping: More Expensive and Less Variety of Back-to-School Items
    Tuesday, July 29, 2025, By Daryl Lovell
  • How New Words Enter Our Language: A Linguistics Expert Explains
    Friday, July 25, 2025, By Jen Plummer
  • Impact Players: Sport Analytics Students Help Influence UFL Rules and Strategy
    Friday, July 25, 2025, By Matt Michael

More In STEM

Inspiring the Next Generation of STEM Enthusiasts

A friendly competition is brewing in the corner of a basement classroom in Link Hall during the annual STEM Trekkers summer program, where students are participating in a time-honored ritual: seeing who can build a paper airplane that travels the…

5 Surprisingly Simple Ways to Use Generative Artificial Intelligence at Work

Not too long ago, generative artificial intelligence (AI) might’ve sounded like something out of a sci-fi movie. Now it’s here, and it’s ready to help you write emails, schedule meetings and even create presentations. In a recent Information Technology Services…

NSF I-Corps Semiconductor and Microelectronics Free Virtual Course Being Offered

University researchers with groundbreaking ideas in semiconductors, microelectronics or advanced materials are invited to apply for an entrepreneurship-focused hybrid course offered through the National Science Foundation (NSF) Innovation Corps (I-Corps) program. The free virtual course runs from Sept. 15 through…

Jianshun ‘Jensen’ Zhang Named Interim Department Chair of Mechanical and Aerospace Engineering

The College of Engineering and Computer Science (ECS) is excited to announce that Professor Jianshun “Jensen” Zhang has been appointed interim department chair of mechanical and aerospace engineering (MAE), as of July 1, 2025. Zhang serves as executive director of…

Star Scholar: Julia Fancher Earns Second Astronaut Scholarship for Stellar Research

Julia Fancher, a rising senior majoring in physics and mathematics in the College of Arts and Sciences (A&S), a logic minor in A&S and a member of the Renée Crown University Honors Program, has been renewed as an Astronaut Scholar for…

Subscribe to SU Today

If you need help with your subscription, contact sunews@syr.edu.

Connect With Us

  • Facebook
  • @SyracuseUNews
  • Youtube
  • Facebook
  • Instagram
  • Youtube
  • LinkedIn
  • @SyracuseU
  • @SyracuseUNews
  • Social Media Directory
  • Accessibility
  • Privacy
  • Campus Status
  • Syracuse.edu
© 2025 Syracuse University News. All Rights Reserved.