### #BloodSupplySecurity #HealthcareCyberDefense #RansomwareAwareness
Summary: The FDA has urged blood suppliers to enhance their cybersecurity measures in response to a series of ransomware attacks that have jeopardized the integrity of the blood supply chain. This call to action emphasizes the need for improved defenses to ensure operational continuity and patient safety.
Threat Actor: Russian-speaking ransomware gangs | Russian-speaking ransomware gangs
Victim: Blood suppliers in the US | Blood suppliers in the US
Key Point :
- The FDA issued a bulletin on December 5, 2024, urging blood establishments to address cybersecurity vulnerabilities.
- Recent ransomware attacks have disrupted blood supply operations, including incidents affecting Synnovis, OneBlood, and Octapharma Plasma.
- Recommendations include strengthening email security, implementing multifactor authentication, and preparing incident response plans.
- The AHA and Health-ISAC highlighted the urgent need for improved supply chain security in the healthcare sector.
- Ransomware gangs often employ ‘double extortion’ tactics, increasing pressure on victims to comply with ransom demands.
The US Food and Drug Administration (FDA) recently called on blood suppliers to increase their cybersecurity to safeguard the safety and integrity of blood supply for transfusions.
What happened
On December 5, 2024, the FDA issued a bulletin urging blood establishments to address vulnerabilities in their interconnected computer systems to protect against cyber incidents. The announcement follows a series of recent ransomware attacks targeting US blood suppliers and related entities.
Notable incidents include a June attack on Synnovis, a British pathology services provider, which disrupted care across multiple hospitals in London, causing widespread blood shortages and canceled procedures.
In the US, similar ransomware strikes targeted OneBlood in August and Octapharma Plasma in April, impacting blood collection and processing. Since recovering from these attacks can take weeks or months, the FDA emphasized improving cyber defenses for operational continuity.
The backstory
Russian-speaking ransomware gangs are believed to be behind the attacks on Synnovis, OneBlood, and Octapharma Plasma. These breaches disrupted healthcare services and raised global concerns about the resilience of medical supply chains during IT outages.
In August 2024, the Health Information Sharing and Analysis Center (Health-ISAC) and the American Hospital Association (AHA) issued joint alerts, warning healthcare providers about the growing threat to blood supply entities and its potential impacts.
Going deeper
The FDA recommends that blood suppliers:
- Strengthen email security and implement multifactor authentication.
- Use advanced encryption and mitigate network vulnerabilities.
- Maintain vendor and supplier cybersecurity requirements.
- Prepare comprehensive incident response plans.
The agency also urged blood establishments to evaluate their disaster recovery plans, check that downtime procedures comply with FDA regulations, and consider using computer software devices with regular security patches.
What was said
The AHA and Health-ISAC stated, “Now that three critical third-party supply chain attacks have significantly impacted healthcare delivery in the past three months, it should serve as a wake-up call across the industry to address supply chain security and resilience.”
Furthermore, the joint alert stated that if the attacks happened simultaneously, “The aggregate effect could be exponentially greater and could result in an unanticipated cascading effect to patient care.”
In the know
Blood supply chains rely on intricate networks of IT systems for donor eligibility checks, blood processing, and distribution, making them high-value targets for cybercriminals.
These criminals, including ransomware gangs, often use ‘double extortion,’ where they steal sensitive data before encrypting systems, increasing pressure on victims to pay.
The bottom line
As ransomware attacks increasingly target healthcare supply chains, blood suppliers must improve their cybersecurity and resilience. These suppliers must implement the FDA’s guidance on cyber defenses and disaster planning to prevent future disruptions in patient care.
Go deeper: How cyberattacks can disrupt healthcare services
FAQs
What is a ransomware attack?
Ransomware attacks are a type of cyberattack where hackers gain unauthorized access to a computer, encrypt its data, and demand the return of this data upon payment.
Hackers often target sensitive information like personal, financial, or healthcare data, crippling their operations until the ransom is paid or recovered by other means.
Ransomware typically spreads through phishing emails, malicious links, or software vulnerabilities, exploiting weak cybersecurity defenses. Even after paying the ransom, victims are not guaranteed data recovery.
What is a data breach?
A data breach occurs when sensitive, protected, or confidential data is accessed, disclosed, or stolen without authorization.
Can healthcare providers securely send patients’ health information?
Yes, providers can integrate a platform like Paubox with existing email systems like Google Workspace or Microsoft Outlook. Paubox automatically encrypts emails and does not require recipients to use portals or keys.
Ultimately, it allows providers to use regular emails without compromising patient privacy or violating HIPAA regulations.
Learn more: HIPAA Compliant Email: The Definitive Guide
Source: https://hipaatimes.com/fda-urges-blood-suppliers-to-improve-cyber-defenses