On April 6, cancer patients at Brockton Hospital in Massachusetts were turned away from their chemotherapy infusions due to a cyberattack that compromised the hospital’s information systems. The emergency room was closed, ambulances were diverted, and staff resorted to using paper records. Patients were instructed to call back later to reschedule their treatments.
This incident is not an isolated case. In May 2024, the Ascension ransomware attack incapacitated systems across 136 hospitals for six weeks. That same year, the Change Healthcare breach compromised the personal health information of over 100 million Americans, impacting billing and authorization systems to such an extent that many physician practices reported potential closure. A survey conducted by the AHA revealed that 74% of hospitals experienced direct repercussions on patient care following the Change Healthcare breach.
Experts warn that the situation may worsen. When health care infrastructure is compromised by hackers, patients face dire consequences. Appointments for chemotherapy, echocardiograms, and lifesaving surgeries are missed, while prescriptions go unfilled, and emergency rooms struggle to access vital patient information.
As a patient advocate and security researcher, I have witnessed firsthand the challenges of navigating healthcare data security. My dual perspective has led me to a crucial conclusion: the gap between identifying vulnerabilities and implementing fixes in health care is not technical; it is structural.
A new kind of arms race
The same technology that accelerates drug discovery now enables the rapid identification and exploitation of software vulnerabilities, outpacing the defenses of health care systems. While health care has been focused on using artificial intelligence to find cures, nation-states are engaged in an escalating arms race. This adversarial landscape is exacerbated by competition between Silicon Valley and health systems.
On April 7, Anthropic introduced Claude Mythos Preview, an AI model capable of autonomously discovering and exploiting software vulnerabilities. Instead of releasing it commercially, Anthropic launched Project Glasswing, a $100 million disclosure program offering limited access to select partners, including AWS, Apple, Google, and Microsoft, allowing them to patch their products. Notably, health care organizations were excluded from this initiative. Anthropic anticipates that similar capabilities will emerge in other models within the next six to 18 months.
Just days later, the Cloud Security Alliance (CSA) released a report titled “The AI Vulnerability Storm,” co-authored by former CISA Director Jen Easterly and security leaders. The report highlighted that the time between vulnerability disclosure and the emergence of working exploits has dwindled to under 24 hours, urging organizations to implement a 90-day preparedness plan immediately.
Marcus Hutchins, a security researcher known for halting the WannaCry ransomware attack in 2017, warned that unpatched vulnerabilities are often a result of insufficient resources, not a lack of discovery.
Despite years of warnings from health care cybersecurity experts, many hospitals remain vulnerable. The issue is not a lack of concern for security; rather, health systems often rely on external vendors for critical software. Change is typically reactive, occurring only after a crisis. The industry’s accelerated digital transformation has not been paired with corresponding measures to safeguard that infrastructure. When a new vulnerability arises, hospitals must depend on vendors to develop and validate patches, often leading to protracted delays. For instance, a hospital cannot directly patch its electronic health records like a homeowner can fortify a local levee.
As the CSA report articulates, attackers now operate as syndicates, sharing tools and knowledge collaboratively, while defenders have not adopted a similar approach. The challenge for health care is that securing its infrastructure was already a complex task when attackers required weeks or months to weaponize new vulnerabilities. The rapid evolution of exploit timelines—from weeks to just hours—creates an untenable situation for health care defenses.
Larger academic medical centers possess dedicated cybersecurity teams and stronger vendor relationships, while community hospitals and rural clinics often operate with outdated equipment, smaller IT staff, and less negotiating power. As a result, they face greater difficulty in implementing patches. When incidents occur, these facilities are often the last to resume operations, impacting the most vulnerable patient populations.
The mismatch in economic incentives across the healthcare supply chain means that speed in response is dictated by financial considerations rather than urgency. Ultimately, patients—those with the most at stake—are excluded from decision-making processes about timely patching and security measures.
As the health care sector faces an unprecedented cybersecurity challenge, the reality is stark. Unlike meteorologists who can forecast a hurricane’s path, there is no equivalent predictive model for cyber threats in health care. Anthropic’s Project Glasswing serves as a potential safeguard for larger organizations, but the vulnerabilities inherent in the patchwork of vendor-managed systems leave health care infrastructures exposed.
While some efforts, such as Project UPGRADE and the ARPA-H Cyber Challenge, aim to use AI for finding and patching vulnerabilities, these initiatives must scale rapidly to keep pace with emerging threats. The Health Sector Coordinating Council is mobilizing resources to address these challenges, but for patients, awareness is crucial. Most remain oblivious to the lurking dangers in the cybersecurity landscape, trusting that their medical data is secure under HIPAA regulations.
As we navigate this tumultuous landscape, it is imperative that patients advocate for stronger cybersecurity measures within health care frameworks. Without the necessary mandates, incentives, and funding to protect the digital infrastructure vital for patient care, communities may face dire consequences. When cyberattacks strike, it is patients and their families who bear the brunt, left waiting for lifesaving treatments while the cyber levees break.
See also
Anthropic’s Claims of AI-Driven Cyberattacks Raise Industry Skepticism
Anthropic Reports AI-Driven Cyberattack Linked to Chinese Espionage
Quantum Computing Threatens Current Cryptography, Experts Seek Solutions
Anthropic’s Claude AI exploited in significant cyber-espionage operation
AI Poisoning Attacks Surge 40%: Businesses Face Growing Cybersecurity Risks
