Protecting Patients’ Online Lives

Article Content

This story originally appeared in the winter 2025 issue of UC San Diego Magazine as “Do No Harm.”

From pacemakers to patient portals, modern health care systems are increasingly reliant on connected technologies. However, innovation can make health care systems vulnerable to sophisticated cyberattacks, threatening not only data, but patient lives.

At UC San Diego, two physician-researchers are leading the effort to make health care safer in the digital age. Drs. Jeff Tully and Christian Dameff co-direct the UC San Diego Center for Healthcare Cybersecurity and bring together a multidisciplinary team of clinicians, computer security researchers, health system security professionals and more — all focused on prioritizing patient safety in an increasingly connected world. Launched in 2023, the center investigates cybersecurity practices and carries out applied projects to reduce the impact of cyber incidents on bedside care. One such effort is supported by a $9.5 million federal award.

Tully and Dameff sat down with UC San Diego Magazine to discuss how they are utilizing this federal investment to build a more secure and resilient health care system now and in the future.

What do cyberattackers want?

Jeff Tully: Many cybercriminals are financially motivated. Hospitals frequently pay ransoms exceeding seven or eight figures in order to regain access to encrypted systems or stolen data. Other, more organized groups may be supported by nation-state actors or even be part of the nation-state’s formal military or intelligence apparatus. These hackers may target health care as part of campaigns designed to disrupt an adversary’s critical digital infrastructure to achieve strategic or political objectives.

In the next five to 10 years, what is the most significant emerging cybersecurity threat for health care?

Christian Dameff: Cyberattacks disable, disrupt and delay critical technology that we need to take care of patients. In 2024, a major ransomware attack occurred on Change Healthcare, a company that handles financial transactions for many health care organizations. This breach may have compromised the personal medical information of up to one-third of Americans, with many of them experiencing challenges filling their prescriptions. It also delayed billions of dollars in payments to doctors and hospitals. After a similar incident in the U.K., its National Health Service attributed the death of a patient to delays in care caused by the attack. These incidents highlight the severe consequences of cyberattacks on critical linchpins of the health sector.

Can AI be used as a tool to defend against cyberattacks?

JT: There is a lot of exciting work being done to evaluate the potential of automated security tools, but AI does not solve — and may potentially turbocharge — the ever-escalating arms race between defenders and attackers. As soon as someone claims to create an AI “silver bullet” for cybersecurity, you can be sure a malicious attacker will find a vulnerability that exploits it. The solution? We need to expect cybersecurity breaches as a matter of when, not if, and design resilient systems — spanning software, people and organizations — accordingly.

Are there any steps patients can take to protect themselves?

JT: We recommend that patients turn on multifactor authentication, update their software and operating systems regularly, think before clicking, and use strong, unique passwords. These are recommendations for all Americans from the U.S. Cybersecurity and Infrastructure Security Agency.

CD: Patients can empower themselves by keeping copies of their medical records in a nondigital form, including lists of medications, allergies and any major medical problems, should electronic health records or patient portals go down. Think of it as part of your family’s emergency preparedness plan. Also, never be afraid to ask your doctors or health care organizations what protections and policies they have in place to ensure resilience against cybersecurity incidents.

How do you strike a balance between protecting patient data and enabling innovation in digital health and telemedicine?

JT: We can have both. There have been incredible advances in encryption, secure-by-design software and hardware, and many other tools that enable digital health innovators, medical device manufacturers and other health care providers to ensure that the platforms used for patient care are as resilient and secure as possible while allowing for all kinds of amazing innovations and advancements.

How is UC San Diego advancing health care cybersecurity?

CD: Our research asks, “What are the threats to life and limb of cyberattacks? When does a cyberattack change the likelihood that a heart attack patient is going to survive?” We aim to identify and measure these risks and then ultimately provide solutions and new technologies to help keep patients safe.

Learn more about the UC San Diego Center for Healthcare Cybersecurity at cyberhealth.ucsd.edu.