- This topic has 9 replies, 10 voices, and was last updated 3 years, 10 months ago by Kridsada Sirichaisit.
-
AuthorPosts
-
-
2020-09-27 at 2:24 pm #22807Saravalee SuphakarnParticipant
1.Provide a brief description of the story.
In June 2019, Grays Harbor Community and Harbor Medical Group, a not-for-profit public hospital district in Washington state, United state of America, was hit with a ransomware attack. The hacker demanded a $1 million ransom to release the lock data. This threat down the electronic health record (EHR) and affected the related health system that caused about 88,000 patients were affected.
2.What is/are the impact of this data breach? Consequences of the data breach.
The consequences of the ransomware attack were EHR downtime for about two months. Although Grays Harbor IT staff had to turn off the servers to restrict the spread of the malware, the spread was rapid and hit the system of both clinics and hospitals. Fortunately, patient care data, such as surgeries, routine appointments, and emergency care, continued as scheduled. However, there was a five-day period where payments could not be processed. Eighty-eight thousand patients who were effects from unable to recover all of the data during the attack. Some of the victims soon filed a lawsuit to Grays Harbor to recover costs incurred by the breach and claimed negligence. The organization has reached a proposed settlement of $185,000 for breach victim’s claims.
3.How did the data breach occur?
The starting point of this threat caused by an employee clicks on a malicious link in a phishing email. It deployed the ransomware payload to the computer and spread rapidly to other devices in the computer network.
4.What should be the main cause of the data breach? Provide a brief explanation of the cause of data breach, such as phishing, ransomware, HIPAA violation, database misconfiguration, human error, third-party vendor error)?
The Cause of the data breach started from phishing e-mail and deployed the ransomware. Besides the malicious objective of the criminal who attacked the system, user negligence is an important cause of this data breach.
How could you prevent this data breach attack?
Therefore, to prevent this situation, the organization must upgrade the safeguarding, especially about user security and system security. According to the report, Grays Harbor has already invested at least $300,000 to improve its information security program and plan to invest at least $60,000 more on security improvement over the next three years. Antivirus, antispyware, and firewall should be updated and fixes operating system vulnerabilities. To improve user security, which is the most important factor to protect the system from a phishing malware, authorized users should be educated and built awareness about phishing and other cyber crimes.
-
2020-09-27 at 7:24 pm #22812NaphatParticipant
I totally agree with you 🙂
You get the same case study as me and you can explain it in a much clearer and better way than I do. -
2020-09-28 at 2:07 am #22817Ornpicha ThiampolParticipant
I agree with you that we should educate users who work with IT to concern and aware of phishing and other cybercrime. As they mentioned this situation happened because some of them click on a malicious link in a phishing email.
-
2020-09-28 at 2:14 am #22818Wachirawit SupasaParticipant
I agree with your idea and would like to share some ideas about prevention. We know that hacker demands its ransome by encrypting all data. The hospital should consider implementing back up system such as cloud service which they can revert all changes to original data.
-
2020-09-28 at 11:25 pm #22835SaranathKeymaster
Human error is one of the cause for this attack. All authorized persons must be appropriately and regularly trained.
-
2020-09-29 at 10:28 pm #22862Phone Suu KhaingParticipant
Interesting story about phishing mail and ransomware! For prevention of this incident, I totally agree what you mentioned like two parts: Firstly, anti phishing tools by upgrading security system followed by employee education about phishing mails awareness trainings. I also agree the comment of Wacharawit which is to back up of data.
-
2020-09-30 at 12:25 pm #22888Khaing Zin Zin HtweParticipant
This is a very interesting description of the story to read. It was wise of Grays Harbor to invest in security measures rather than losing a large amount to the future attack. And I agree with the comment given by Wachirawit about the need to back up data in cloud services.
-
2020-09-30 at 10:31 pm #22898Navinee KruahongParticipant
You guys made a good point on using cloud services to back up data. Also, this case highlight the important of data privacy and security training, especially in a organization which contain personal information of people.
-
2020-10-02 at 2:15 am #22914Kaung Khant TinParticipant
Thank you so much for this informative report. I agree with your preventive measures. And I think administrative security measures should be taken too such as adopting a security & privacy policy ,and governance of security risk management & response.
-
2020-10-20 at 11:53 pm #23444Kridsada SirichaisitParticipant
Thank you for your brief story and information about how to prevention. User security training is important for data protection, but network admin is the person must review abnormal network traffic to prevent cyber attack. Some use firewall rules such as not permit IP form other country to access to network.
-
-
AuthorPosts
You must be logged in to reply to this topic. Login here