A panel at the HIMSS conference says artificial intelligence will be used to produce more sophisticated malware and phishing. But AI offers new potential in protecting organizations.
Chicago – As technology leaders predict that artificial intelligence will be used in healthcare and research, cybersecurity experts say healthcare organizations must brace for AI-powered attacks on their systems.
Cybersecurity leaders in healthcare say it’s coming, and it’s likely going to be a threat that organizations will be dealing with in the not-too-distant future.
Salwa Rafee, global managing director of Accenture Security, moderated a panel discussion on cybersecurity in healthcare Wednesday at the HIMSS Global Health Conference & Exhibition. While expressing her own enjoyment of ChatGPT, she asked panelists how AI would change the cybersecurity landscape.
Adam Zoller, chief information security officer for the Providence health system, said criminals will use AI to attack hospitals and healthcare organizations.
“I think within the next couple of years, we're gonna see AI-operated ransomware, AI-operated malware that automatically gets into your systems and automatically finds exploitable vulnerabilities,” Zoller said.
“That's an inevitability,” he said.
Some attackers will be using ChatGPT to craft more convincing or authentic emails to entice people to click on links, giving them access to the organization’s systems.
“It’s already being used to craft better phishing lures for your people,” Zoller said. “So training and education and awareness are paramount to your organization.”
John Riggi, national adviser for cybersecurity and risk for the American Hospital Association, said he expected to see AI used by bad actors. Just as millions of Americans are using ChatGPT for writing, research, or simply having fun, ransomware groups will be using the technology for their own purposes.
Concurring with Zoller, Riggi said he expected to see phishing emails and malware being written with ChatGPT. “I think you will see an acceleration of attack cycles,” Riggi said.
Greg Maher, chief information officer of Allymar Health, said he hoped that the “good guys” will stay ahead of the bad actors when it comes to utilizing artificial intelligence.
“I do trust the fact that it takes a large organization to build something like that,” Maher said.
While Maher said anyone can get an algorithm, he said to build the data and have the smarts behind technology such as ChatGPT “takes a pretty large budget to do something like that.”
While the panelists projected that artificial intelligence will be used in attacks on health organizations, Zoller also pointed to an encouraging development: AI can be used to defend health systems against bad actors.
Microsoft recently released a cybersecurity product, Copilot, that utilizes AI to help build smarter defenses, he said. “These technologies give us a tremendous advantage over our adversaries,” Zoller said.
“Companies like Microsoft are developing tools like Copilot that are going to enable us as security leaders in the industry to fill a critical knowledge gap,” Zoller said.
“I know you know, for those in the room that are cybersecurity leaders, on cybersecurity teams for hospital systems, I'd be willing to bet that it's pretty tough to train, hire, recruit top cybersecurity talent,” he added.
Vasu Jakkal, corporate vice president of Microsoft Security Business, talked about Copilot at last month’s ViVE Conference. She said the Copilot’s artificial intelligence is going to be constantly learning and can defend against emerging threats. And she said it could help organizations struggling to find top cybersecurity talent.
“For the first time in a very long time … I feel like defenders are going to be fundamentally ahead of attackers and we’re going to change the game,” Jakkal said at ViVE.
During the panel discussion at HIMSS, Rafee said AI offers intriguing possibilities in “automated threat detection.”
While AI models can be used to find and exploit vulnerabilities, Zoller said he is encouraged by the chance that it can be used to improve defenses.
“The same technologies can be used to find vulnerabilities to fix vulnerabilities,” he said.
Riggi also noted another encouraging development: the recent drop in ransomware attacks. He said that hospitals and health systems have increased their capabilities in cybersecurity, although a number of high-profile attacks indicate the threat has hardly passed.
But Riggi said he is concerned that ransomware groups are shifting tactics, and are recognizing that health systems can be exploited through the scores of vendors and other third parties who have access to their systems.
“I’m not sure if it’s a plateauing of a threat in certain areas or a transition,” Riggi said. “That’s what we’re concerned about.”
Read more: Dealing with cyberattacks: Understanding how to prepare and respond
In this video from the ViVe Conference, Salwa Rafee of Accenture offers guidance for health systems looking to improve their cybersecurity defenses.