ACR Bulletin

Covering topics relevant to the practice of radiology

Cybercrime: The Invisible Foe

Guest columnist Christoph Wald, MD, PhD, MBA, FACR, chair of the ACR Commission on Informatics, urges radiologists to do what’s needed to protect organizations and patients from cybercrime.
Jump to Article

Identity spans personal and work life, so it has to be protected.

—Christoph Wald, MD, PhD, MBA, FACR
February 21, 2023

In 2021, 66% of healthcare organizations were hit by ransomware, up from 34% in 2020 — a 94% increase over the course of a year.1 More than 590 organizations reported healthcare data breaches to the HHS Office for Civil Rights in 2022, impacting upwards of 48 million individuals. It is not a question of if but when you and your organization and patients might be affected.
As citizens of the 21st century, we spend much of our lives in cyberspace. This is not a physical space. Rather, it’s a construct with a given name: the virtual space in which near-instantaneous sharing of information occurs across global, interdependent networks of IT infrastructures and resident data.

Everyday items including cars, phones and refrigerators are also increasingly joining the so-called Internet of Things.2 Smart devices equipped with voice assistants like Apple’s Siri and Amazon’s Alexa listen in on us, and wearables and smartphones are constantly collecting information on us. Social media and digital networks dominate our professional profiles and personal/family connections. Our work lives occur on digital production systems. An increasingly remote workforce depends on cyberspace to conduct business.
However, cyberspace is also a playground for well-resourced for-profit criminal enterprises, “hacktivists” and nation-state actors pursuing malicious goals, including warfare. International codes of conduct are undefined, and the barriers to entry and competition for cybercriminals are very low, benefitting from an absence of accepted laws, agreements or governing protocols. As a result, any participant of cyberspace simultaneously benefits from and is vulnerable to this network.

The Human Factor
Most cyber incidents are related to human behavior: Human error often enables attacks. Behaviors such as the ever-increasing digital communication across multiple platforms and online shopping are being exploited. The convenience of the latter is correlated with our ever-increasing surrender of personal information, widely shared and stored with our permission. The infamous “one-click” acceptance of “cookies” and convoluted online terms for sharing data is often performed indiscriminately by naïve end users, opening the door to abuse.3 Phishing and SM(S)ishing attempts occur routinely to try to steal credentials for illicit purposes.

How does this impact healthcare? Our organizations render complex, human-based services. Many people of different levels of education and digital awareness work together to care for patients, under one roof and on the same network, from the front desk staff to the chief medical officer. Anyone can become the target of a cyberattack, wittingly or unwittingly. The resulting spread of malicious computer code can encrypt servers, data or both, which can cripple operations, leading to negative results including patient harm and financial losses.

Identity “Crisis”
Our access to sensitive systems, data and networks is typically tied to our role(s) and identity, requiring authentication. Identity spans personal and work life, so it has to be protected. The work step of authentication is an important vulnerability, unless biometric or multifactor authentication (identity proof) is used.

Compromise may result, for example, from careless design and use of passwords or inappropriate response to phishing emails. The digital data-sharing technology that is designed to customize our many online transactions is easily exploited by cyber criminals. To make matters worse, we increasingly use the same devices for leisure and work. Infection of unsecured devices outside your organization with physical connection inside your organization can allow criminals to gain access to your data.

A Digital Medical Specialty
Radiology is the first fully digital medical specialty! Everything is completely dependent on digital technology, from the acquisition of modern-day digital images and their interpretation to the dissemination of results to the point of care. Radiologists create, interpret and store large amounts of sensitive and valuable information. Hence, radiologists have a particular obligation to take cybersecurity seriously since their core mission is tied to it. Radiologists must consider business continuity planning a mission-critical activity to minimize patient harm in times of attack.
It takes a village to protect our organizations and patients from cybercrime. Don’t wait one more day to put a plan in place.


1. Enter endnotes here... 2004:1(3)199–203. Available at

Author Christoph Wald, MD, PhD, MBA, FACR,  chair of the ACR Commission on Informatics