Zero-trust approach could offer defense against rising cyberattacks
Zero-trust approach could offer defense against rising cyberattacks
https://www.wafb.com/2026/01/13/zero-trust-approach-could-offer-defense-against-rising-cyberattacks/
Publish Date: 2026-01-13 09:31:00
Source Domain: www.wafb.com
Using an unordered list, summarize the following article with between 4 and 8 key points. (InvestigateTV) — A mother’s worst nightmare unfolded in an Iowa emergency room when her 3-year-old son received a medication overdose due to a ransomware attack that disrupted the hospital’s computer systems. Kelley Parsi brought her son, Jay, to a Des Moines emergency room in October 2022 after he became dehydrated following a tonsillectomy. What should have been routine care turned into a medical emergency when staff administered too much Tylenol with codeine, she said. “She just had like this big syringe of Tylenol and gave him Tylenol. And then the pediatrician came in and was like, ‘Hey I need to talk to you. We overdosed your son,’” Parsi said, breaking into tears as she recalled the incident. The confusion stemmed from a ransomware attack at the hospital that caused problems with access to patient records, Parsi said. Cybercrime losses reach $16 billionThe incident highlights the growing threat of ransomware, a type of malware that holds a victim’s data or device hostage until the attacker is paid. In 2024, Americans lost more than $16 billion to online crime, a 33% increase from the previous year, according to the FBI. Globally, total losses are projected to reach $23 trillion by 2027. Zero-trust principles gain tractionDr. Christopher Whyte, an assistant professor at Virginia Commonwealth University, said the solution lies in adopting a “zero-trust” mindset. “If somebody calls you and almost no matter what they say, immediately consider them to be untrustworthy,” Whyte said. Zero-trust is a cybersecurity approach that assumes no user or device should be trusted by default. “Zero-trust is kind of the architecture of cybersecurity in the workforce today. It’s a set of principles that basically says, never assume you are safe because of the security steps you have already taken,” Whyte said. The rise of new technologies and artificial intelligence has transformed the cybersecurity landscape, creating new vulnerabilities in critical infrastructure. “2025, following on from 2024, we’ve seen extensive new forms of attack against America’s critical infrastructure by actors across that criminal to nation-state gamut,” Whyte said. Recent cyberattacks have targeted more than 300 major organizations across the medical and manufacturing sectors through the Medusa ransomware group. The Department of Homeland Security has warned that this represents just the beginning of escalating threats. Regulatory response lags behind technology Whyte said current laws struggle to keep pace with rapidly evolving technology threats. “There’s good models around the world and we’re not there in the United States,” he said. He pointed to the European Union as a positive example, noting their recent AI Act as “the first, global, major regulation that deals with the regulation of AI based on risk categories.” Concerns about the destruction of dataWhyte expressed particular concern about ransomware attacks where criminals may destroy data. “They’re not looking for money, they’re just looking to encrypt the data and they’ll never give you the key, at which point they’ve destroyed the data,” he said. “Apply that to a health care system. You’re in a situation there where people in hospital, the nursing staff, are not able to access information about the kinds of medication, the amounts of medication somebody is meant to have.” Despite the challenges, Whyte said adaptation remains possible. “The lessons we’re learning are always evolving in this space. That is true for our adversaries as much as it is for the defenders,” he said. A 2021 executive order mandated that federal agencies adopt zero-trust principles. The Defense Department has set 2027 as its deadline for full compliance. Copyright 2026 Gray Media Group, Inc. All Rights Reserved.
