Despite advancements in cyber security, ransomware attacks have occurred in health care with devastating
effects. In the last 5 years, an estimated 60,000 radiotherapy treatments have been impacted by ransomware
attacks affecting Radiation Oncology departments. Our project starts from the assumption that ransomware
attacks will occur, and asks the question: what can be done to resume radiation treatments as rapidly and safely
as possible during and after an attack? We refer to this concept as ransomware attack resiliency. Radiation
oncology is particularly susceptible to ransomware attacks because it is the most technology reliant medical
discipline as the ability to safely deliver radiation therapy is heavily reliant on multiple complicated software
systems. If a ransomware attack does occur, Radiation Oncology patients are critically impacted as inevitable
delays in treatment result in worse clinical outcomes, complicated workarounds result in unsafe treatment
conditions, and the attacks stressed aspects of clinical care (transportation and communication) that
disproportionately impacted patients with adverse social determinants of health. Research into ransomware
attack response in Radiation Oncology has been primitive. Our project will form a multi-disciplinary team and
patient advisory board to develop innovative Radiation Oncology specific ransomware resiliency methods and
tools. Aim 1 will develop design goals through structured interview of frontline staff, meetings with a patient
advisory board, and by performing ransomware attack resiliency exercises by disabling software components
needed to treat a patient (thereby mimicking a ransomware attack) and asking the team to treat simulated
patients. The structured interviews will be evaluated using rigorous qualitative data from cognitive interviews and
the resiliency exercises will be evaluated using quantitative metrics. Aim 2 will develop novel software
functionality for ransomware resiliency including: 1) a robust Relational Backup System that innovatively
generates a backup of essential relationships between data elements on multiple systems, 2) Record and Verify
and treatment planning system minimum functionality algorithms, and 3) imaging checks based on artificial
intelligence methods. A comprehensive ransomware management document will be developed with strategies
for mitigating the impact of ransomware attacks on patients with adverse social determinants of health. Aim 3
will longitudinally implement the proposed innovations in diverse circumstances and iterate the
development/evaluation cycle 4 times. We will implement the developed innovations from Aim 2 and repeat the
structured interviews, meetings with the patient advisory board, and resiliency exercises. Our project can
significantly improve outcomes for cancer patients receiving radiotherapy at institutions impacted by ransomware
attacks. The innovations and methods from our work can reduce the time needed to return to safely treating
patients thereby improved chances for cancer cure, reduce the potential for medical errors, and mitigate
treatment barriers for patients with adverse determinants of health.