- This topic has 16 replies, 10 voices, and was last updated 3 years, 9 months ago by
Kridsada Sirichaisit.
-
AuthorPosts
-
-
2020-09-26 at 10:25 pm #22790
Naphat
Participant$185K Proposed Settlement Reached in Grays Harbor Data Breach Lawsuit
Provide a brief description of the story.
Grays Harbor Community Hospital and Harbor Medical Group was hit with a ransomware attack by phishing email. The hospital and clinic were down because can not access to information system and EHR. And hackers demanded a 1-million-dollar ransom to unlocked data.
What is/are the impact of this data breach? Consequences of the data breach.
Electronics Health Records (EHR) was down and locked by ransomware and cannot recovery all data of 88,000 patients during the attack.
How did the data breach occur?
An employee clicked on a malicious link contained in a phishing email, which deployed the ransomware payload. The incident occurred over a weekend when Grays Harbor IT staff was limited.
What should be the main cause of the data breach? Provide a brief explanation of the cause of data breach, such as phishing, ransomware, HIPAA violation, database misconfiguration, human error, third-party vendor error)?
The main course of the data breach is the hospital’s older software cannot prevent the ransomware and the staffs have no knowledge or training about IT security.
How could you prevent this data breach attack?
1. Computer system
– Update software and antivirus
– installing a next generation firewall
2. Staff Training
– IT security and cyber security.
– Cyber attack.
– workshop and test.
3. Backup data on server.Naphat Y.
-
2020-09-26 at 11:06 pm #22792
Khaing Zin Zin Htwe
ParticipantThanks for the interesting report. This is a very clear example of how clicking a single phishing email by a single employee can lead to a huge loss to the whole organization. And it would be beneficial to regularly monitor vulnerabilities in the system.
-
2020-09-28 at 2:30 am #22820
Wachirawit Supasa
ParticipantI think backing up data on the internal server could also be a target too since Randsomeware can encrypt the drive if it operates on the same network. I suggest that backing up to the cloud system would be more beneficial.
-
2020-09-28 at 11:21 pm #22834
Saranath
KeymasterThanks for the brief description and propose the solutions for the particular event. Recently, one hospital in Thailand just was hit by the ransomeware. It caused shut down of almost all activities in the hospital. Regularly and appropriately backing up data is another important part to recover from the ransomeware attack.
-
2020-09-29 at 11:37 pm #22869
Ornpicha Thiampol
ParticipantI saw this news last month and It feels close to home. Unfortunately, the hospital didn’t back up the data for a long time. So, every hospital should concern this problem.
-
-
2020-09-29 at 10:39 pm #22863
Phone Suu Khaing
ParticipantThanks for the interesting case study and explanation!
It could let us understand how phishing mail and ransomware have huge impact in our daily life! All 3 preventive measures mentioned in the case study are really perfect. I might also add “Communication” in preventive measure as it could also be required in all steps. -
2020-09-30 at 4:03 am #22878
Saravalee Suphakarn
ParticipantThank you for explaining the case, same case with me. I totally agree with your prevention measures. Your measure about back up data is adding more than my report and I strongly agree with it. And I think that cloud sever with the sever security may prefer.
-
2020-09-30 at 11:18 pm #22904
Navinee Kruahong
ParticipantThis case study highlight the impact of a ransomware attack. Emphasizing data security awareness among workers is a crucial step to protect the case like this.
-
2020-10-02 at 1:44 am #22908
Kaung Khant Tin
ParticipantThank you so much for this informative report. And I agree with your preventive measures. Anyway, what I would like to add more is that an overall administrative security measures such as adopting the security & privacy policy, governance of security risk management & response and uniform enforcement of policy & monitoring process.
-
2020-10-20 at 11:41 pm #23442
Kridsada Sirichaisit
ParticipantI agree with you. In the backup process contain
1. Internal data backup (in server in other disk) this method cannot protect from ransomware
2. Backup remote server this method can protect data from ransomware (must dsable SMB)
3. Daily database backup with unwritable DVD this method can protect data from ransomware but data may not complete.The SMB service must close this service both windows and linux operating system to prevent ransomware
-
-
AuthorPosts
You must be logged in to reply to this topic. Login here