Tagged: #business continuity
- This topic has 4 replies, 5 voices, and was last updated 1 year, 7 months ago by Saranath.
2022-09-18 at 10:10 am #38142 Boonyarat Kanjanapongporn (Participant)
https://healthitsecurity.com/news/neurology-practice-notifies-363k-of-data-breach-phi-released-on-dark-web
1. Ransomware attacked Goodman Campbell and Spine, a neurology practice in the USA, on 20 May 2022. The attacker successfully accessed appointment schedules, insurance documentation and referral forms, but they did not manage to intrude into the EMR system. This intrusion caused the leakage of 362,833 identifiable health information on the Dark Web.

2. Firstly, this data breach caused the leakage of confidential information such as names, birth dates, phone numbers, treatment information and other personal information which could harm individuals' assets, but there was no report of information violation from this incident.
Secondly, this ransomware attack did affect the communication system (phone and email), where the system needed to be restored and some services were paused.
Lastly, the department had to take responsibility for the insecure systems by providing reimbursement for the impacted individuals. Moreover, the trust in security management in health care settings might be damaged.

3. There was an investigation with the FBI for this incident, but there was no information revealing the exact cause of this sophisticated ransomware attack. Typically, ransomware can be downloaded into our systems by a user clicking an unknown link from an email, website or message, or downloading a program from unknown or deceptive websites. Moreover, a vulnerability could allow ransomware to invade the targeted system more easily as well.

4. The main cause of this breach was ransomware, one type of malware, which invaded the targeted systems, threatened security functions (blocking the system, taking control, encrypting files) and demanded a ransom.

5. There has to be usage of multiple security defenses because there are many ways to intrude into the system.
Security of network connections has to be elevated. Firewall installation (protect against unauthorized users, only Web access) and security of internet settings, such as encrypted information or web browser security settings, would help to protect the system from network intruders.
Network control alone is not enough; software fragility is a weakness of the system where attackers could send ransomware without it being downloaded. Regular detection of software vulnerabilities and updates of the operating system should be scheduled.
Moreover, security issues could be encouraged in large organizations with staff of different IT backgrounds. Unawareness of network connections might make it easier for a scammer to invade the system. The staff should be educated about prevention techniques such as setting strong passwords and avoiding unrelated websites, emails or file attachments. Levels of access or authorization could be regularly reviewed.
Lastly, a plan for threats has to be ready. There are possibly some weaknesses in the organization and sophisticated invasions. Preparation such as intrusion detection, data backup and an emergency plan would help with restoring the system and reducing the damage.
-
2022-09-19 at 5:57 am #38153 Kawin Wongthamarin (Participant)
Thank you for sharing!
Your answer is so comprehensive. I probably don't have any other protection methods other than all you have mentioned above. But I think the key starting point for this incident was that the director didn't realize the importance of having a proper defense until an attack occurred.
After I read many cases of this activity, I also realized that prevention before the incident was the most important and also the most difficult task, because we didn't know where our vulnerabilities were until we were attacked.
-
2022-09-20 at 1:03 pm #38189 Zarni Lynn Kyaw (Participant)
Amazing summary and analysis.
So, instead of other preventive measures to avoid the attack, I would like to explore the use of planning tools to ensure business continuity. I think no system can be 100% secure, so business continuity planning is essential to make sure services can be delivered during a crisis.
-
2022-09-21 at 6:45 pm #38223 Siriphak Pongthai (Participant)
Your answer covers everything I could think of. Yes, I agree with you, particularly on "software fragility".
I think we should get back to re-evaluating the security design of the software. If IT has a well-developed design and has tested the product before launching, we are able to see the weak points and gaps of the program. To prevent cyberattacks, I think the design and development processes are crucial steps to be concerned with.
-
2022-09-24 at 4:54 pm #38315 Saranath (Keymaster)
Thank you all!