Hospitals Urged to Bolster Cyber Resilience Amid Escalating Ransomware Threats
What Happened — In a May 2026 interview, John Riggi (American Hospital Association) and Josh Howell (Rubrik) warned that ransomware attacks are increasingly targeting U.S. hospitals, threatening patient safety, clinical continuity, and business viability. They emphasized immutable, secure backups and coordinated incident‑response playbooks as the most effective defenses against extortion and data‑destruction tactics used by both criminal and nation‑state actors.
Why It Matters for TPRM —
- Ransomware remains the top cyber‑risk vector for healthcare providers, exposing third‑party data and service continuity.
- The effects of weak backup and recovery controls can cascade to vendors that rely on hospital data (EHR platforms, billing services, cloud hosts).
- Regulatory penalties and reputational damage amplify the financial impact of a successful attack on a partner hospital.
Who Is Affected — Hospitals and health systems, EHR/clinical‑software vendors, cloud‑hosting and backup service providers, and any downstream supply‑chain partners that process patient data.
Recommended Actions —
- Verify that each hospital vendor maintains immutable, air‑gapped backups with regular restore testing.
- Review and update incident‑response and business‑continuity plans to include ransomware‑specific playbooks.
- Conduct third‑party assessments focused on ransomware detection, endpoint hardening, and privileged‑access management.
Technical Notes — The discussion referenced ransomware techniques such as SQL‑database destruction, storage‑array wiping, and system‑time manipulation—methods commonly delivered via phishing, credential theft, or exploited vulnerabilities. No specific CVE was cited.
Source: DataBreachToday – Why Hospitals Must Rethink Cyber Resilience