The Change Healthcare cyberattack that disrupted nationwide health care systems earlier this year—affecting a third of Americans at a total loss of $100 million—was a major wake-up call: Such attacks in the health care industry are on the rise. And they should be treated with utmost seriousness, agreed a panel at Fortune ’s Brainstorm Health conference in Dana Point, Calif., on Tuesday.
“In my world, it’s almost an act of war,” said Stephen Gillett, chairman and CEO of Verily, a life sciences company. “It’s that level of aggression toward infrastructure. Those are people’s lives, their personal information.
That is not something that should just be a tech issue that we’re solving for.” He believes this aggression calls for a response akin to what would happen if another country were to sink a U.S.
ship off its coast. “It should be taken with that same level of seriousness above and beyond the technical response,” he said. Especially since “the money these bad guys are getting from these [cybercrime] exploits is now surpassing all of the illegal drug trafficking in the world combined,” he says.
In the case of Change, it was a Russian organization that exploited very simple configuration issues with multifactor authentication—which should dictate how companies prepare themselves to respond to future attacks, noted the panel’s experts, also including Andrea Downing, president and cofounder of the Light Collective, and Bob Segert, chairman and CE.