There are a lot of systems in a hospital. Maybe 3000 different systems, made by different suppliers, some long gone.
In good countries, we maintain important records and have roll back capabilities on most of the things we control ourselves. But that doesn’t necessarily include the MRI machines windows XP that is maintained by some third party supplier that operates through another 3rd party seller, and that’s just one of the 3000 things that can go wrong.
Then there is the parts where attacks will affect you, even if they don’t do any damage that can’t be reversed. Typically global internet access gets shut down during an attack, but that makes transfers harder. It also makes acute arrivals harder, because the ambulance helicopter might not be in range of your “internal internet” and thus may not be capable of feeding you important live data.
Some attacks target the network itself, and while you’ll generally have a good set of people running that, they aren’t always a match for nation state backed hacking tools.
So there is just a billion things that can go wrong, even if you have the best of the best working on it, and in many countries, there is a good chance that’s not even the case. I can count myself lucky to work in a country where we take digitisation very serious in the public sector, and I can easily see why things could go wrong.
In good countries, we maintain important records and have roll back capabilities on most of the things we control ourselves. But that doesn’t necessarily include the MRI machines windows XP that is maintained by some third party supplier that operates through another 3rd party seller, and that’s just one of the 3000 things that can go wrong.
Then there is the parts where attacks will affect you, even if they don’t do any damage that can’t be reversed. Typically global internet access gets shut down during an attack, but that makes transfers harder. It also makes acute arrivals harder, because the ambulance helicopter might not be in range of your “internal internet” and thus may not be capable of feeding you important live data.
Some attacks target the network itself, and while you’ll generally have a good set of people running that, they aren’t always a match for nation state backed hacking tools.
So there is just a billion things that can go wrong, even if you have the best of the best working on it, and in many countries, there is a good chance that’s not even the case. I can count myself lucky to work in a country where we take digitisation very serious in the public sector, and I can easily see why things could go wrong.