Health care’s biggest cybersecurity vulnerability is structural

On April 6, cancer patients at Brockton Hospital in Massachusetts showed up for chemotherapy infusions and were told to go home. The hospital’s information systems had been hit by a cyberattack. The ER closed. Ambulances were diverted. Staff switched to paper records. Patients were told to call back later to reschedule their treatment.

This wasn’t the first time that this kind of incident has happened. In May 2024, the Ascension ransomware attack took down systems across 136 hospitals for six weeks. That same year, the Change Healthcare breach compromised the personal health information of 100 million Americans, roughly one in three people in the country, and disrupted billing and authorization systems so severely that physician practices warned they might have to close their doors. After the Change breach, an AHA survey of nearly 1,000 hospitals found that 74% reported direct impact on patient care.

What’s coming may be even bigger.

When health care infrastructure is attacked and held for ransom by hackers, patients become real casualties. People miss chemotherapy appointments, echocardiograms, and lifesaving surgeries. Prescriptions can’t be filled. Emergency rooms can’t look up your medication allergies when you arrive by ambulance.

I come at this from two directions that don’t usually overlap. I’m a patient advocate — I’ve spent years working for transparency in how health systems handle our data and make decisions that affect our care. I’m also a security researcher. Finding security flaws and navigating the painstaking process of coordinating with companies to close vulnerabilities takes a ton of time and effort.

Those two experiences have taught me the same lesson from opposite sides: The gap between finding a problem and fixing it in health care is not technical. It’s structural.

A new kind of arms race

The same capabilities being celebrated for drug discovery are now powerful enough to find and weaponize software vulnerabilities at machine speed, and health care’s defenses weren’t built for that pace. And while health care has been racing to find cures with artificial intelligence, nation-states have been in an arms race to wield power over each other. This adversarial landscape is compounded by a commercial race among Silicon Valley companies and health systems, which often compete with each other.

On April 7, Anthropic announced Claude Mythos Preview, an AI model capable of autonomously discovering thousands of critical software vulnerabilities and generating working exploits without human guidance. Rather than release it commercially, the company launched Project Glasswing, a $100 million coordinated disclosure program giving restricted early access to AWS, Apple, Google, Microsoft, and other partners so they could patch their own products. It appears that the health sector was not included. Anthropic estimated comparable capabilities will appear in other models within six to 18 months.

Five days later, the Cloud Security Alliance (CSA) published “The AI Vulnerability Storm,” co-authored by former Cybersecurity and Infrastructure Security Agency Director Jen Easterly, Bruce Schneier, Katie Moussouris, and dozens of enterprise security leaders. Their central finding: The time between a vulnerability being disclosed and a working exploit appearing has collapsed to under one day. Every organization, they write, should begin a 90-day preparedness plan immediately.

Security researcher Marcus Hutchins, famous for stopping the WannaCry ransomware attack that crippled critical infrastructure, including hospitals, in 2017, offered a blunt critique: Bugs don’t go unpatched because no one can find them. They go unpatched because no one is being paid to patch them fast enough.

Patients caught in the middle

Experts in the field of health care cybersecurity have warned about this coming reckoning for years. The challenge isn’t that hospitals don’t care about security. It’s that health systems don’t control some of the software they depend on, and policy waits until a crisis arrives to actually change things. We scaled up health care’s dependence on digital infrastructure without scaling up the incentives and obligations to protect what was built. When a new vulnerability is found, the hospital can’t simply push a fix. It waits for the vendor to develop a patch, for compatibility testing, and sometimes for regulatory clearance to validate that the patch is safe before a medical device can be updated. A hospital can’t push a patch to electronic health records any more than a homeowner can reinforce a levee owned by the county that may break in a hurricane.

The CSA report says it plainly: “Attackers already operate as syndicates, crowdsourcing, sharing tools, and moving as a collective. Defenders must do the same.” Health care hasn’t done the same because it’s not built in the same way. Securing health care infrastructure from hackers was barely manageable when attackers needed weeks or months to weaponize a new vulnerability. It is not manageable when that timeline to exploit a vulnerability is measured in hours, and the patch can take months or years. This means in the months ahead, regardless of whether hackers are using Mythos or other models that manage to catch up in this arms race, attackers will be able to exploit vulnerabilities much faster than health care can defend itself.

Large academic medical centers have dedicated cybersecurity teams and vendor relationships that give them leverage. Community hospitals, rural critical access facilities, and safety-net clinics, the ones many of us depend on, run older equipment with smaller IT staffs and less bargaining power. They are the least able to apply patches. Community hospitals go back online last. And they serve the patients with the fewest alternatives when the doors close.

When every link in the chain has a different economic incentive, speed of response isn’t a function of urgency. It’s a function of who pays. And in health care, the entity with the most to lose (the patient) has no seat at the table where patching decisions are made.

We can’t forecast where the storm will hit

When forecasting a hurricane, the National Weather Service publishes a cone of uncertainty, a widening funnel showing where landfall will likely happen. It’s a scientific forecast so you can make decisions before the wind arrives. Health care cybersecurity doesn’t have that kind of forecast. But an unprecedented storm is forming.

Think of Anthropic’s Project Glasswing as a levee-reinforcement program for the organizations inside the wall. Health care’s patchwork of vendor-controlled systems sits outside that wall. The offensive timeline just collapsed to hours. The defensive timeline for device manufacturers, regulatory clearance, and downstream testing hasn’t moved at all.

Some infrastructure to defend against this exists, and it has a short window to scale faster than the threat. For example, Project UPGRADE and the ARPA-H Cyber Challenge used AI to find and patch vulnerabilities, while CISA developed no-cost tools and services for under-resourced facilities. Security researchers have begun tracking patient casualties from cyberattacks on hospitals. The Health Sector Coordinating Council is also working to mobilize resources.

To make sure better resources get to your community, call your senators about this bipartisan bill, now awaiting a Senate vote. As a matter of patient safety, if we are building the digital infrastructure that hospitals and patients depend on, we need the mandates, incentives, and funding to defend it.

Most patients have no idea this landscape exists. We’re told our records are protected by HIPAA. We trust that the devices monitoring our hearts or delivering our medications are secure. We assume someone is in charge of making sure a cyberattack can’t cancel our chemotherapy or shut down the ER we need.

Regardless of what happens with Mythos, this problem isn’t going away in the near future. And when cyberattacks hit, it’s our families, friends, and local communities who won’t get a lifesaving treatment. It’s an ambulance that diverts to an ER that now has a 24-hour wait period. Patients are the ones on low ground when the cyber levees break.

Andrea Downing is a security researcher, patient advocate, and co-founder of The Light Collective.
