- This topic has 4 replies, 5 voices, and was last updated 1 year, 6 months ago by Tanatorn Tilkanont.
-
AuthorPosts
-
-
2022-09-21 at 10:27 pm #38227SIPPAPAS WANGSRIParticipant
1. Provide a brief description of the story.
The provided article is about a ransomware attack at Lamoille Health Partners. This is an organisation delivering comprehensive healthcare services to the people of Lamoille County in the US. There was a suspicious activity on June 13 until they noticed that their files have been accessed and locked out by a ransomware and the backup was restored. This institution reported that less than two percent of total records have been compromised and have yet not misused, the precise number being 59,381 individuals. The involved information includes names, driver’s license numbers, social security numbers, government IDs, medical information (not mentioned in detail) and addresses.2. What is/are the impact of this data breach? Consequences of the data breach.
This event not only affected the reputation of the organisation itself, but also the information that has been leaked. Provided that the data which has been compromised being the private patients’ information. It can lead to abuse of data, risk of exposing confidential health conditions and so on. Moreover, if there wasn’t any backup, they could have lost all the data and that would tremendously impact the delivery of patient care.3. How did the data breach occur?
The article did not provide that in detail. From my opinion and experiences, these kinds of attack – ransomware, mostly occurred by a person executing malicious software disguised in various format. Some ransomwares can replicate themselves throughout the network via SMB protocol and hence, all computers within an organisation could be affected. The origin is thought to be a human error and security software incompetency. The ransomware can encrypt your data and the only way to decrypt is to use a specific key. It does not, however, necessarily mean that the data has been leaked, but who knows when a malware is being infected on your computer, we don’t actually know what it is going to do under the hood.4. What should be the main cause of the data breach? Provide a brief explanation of the cause of data breach, such as phishing, ransomware, HIPAA violation, database misconfiguration, human error, third-party vendor error)?
From my point of view, it is most likely to have caused by human error, executing a ransomware.
5. How could you prevent this data breach attack?
There are various ways to prevent any cybersecurity threats.- Install proper antivirus, firewall, or any endpoint security software.
- Prohibiting the execution of unwanted or untrusted software from untrusted source.
- Regularly back up the data.
- Limit and lockdown users’ privileges.
- Also, raise the awareness of users about this type of attack.
-
2022-09-22 at 8:16 pm #38242Boonyarat KanjanapongpornParticipant
Thank you for sharing,
I agree with your prevention methods for Ransomware above and I would suggest to use multiple prevention to enhance the protection.
Moreover, solid IT staffs and updated management plan are also important with the sophisticated ransomware attack situation. -
2022-09-24 at 4:32 pm #38311SaranathKeymaster
For ransomware attack, regular training and raising awareness of people in the organization is very crucial.
-
2022-09-24 at 9:37 pm #38328Tanyawat SaisongcrohParticipant
Thank you Sippapas for sharing. I think another safeguard that can be added are (1) encryption of data stored in the database system and (2) in terms of user’s awareness, strong password practice is very important.
-
2022-10-04 at 2:01 pm #38511Tanatorn TilkanontParticipant
Thank you for sharing. In addition to the preventive methods above, the organization can develop a plan and policy regarding cybersecurity. The IT team may run regular security testing by re-evaluating users’ access and privileges and identifying new system vulnerabilities.
-
-
AuthorPosts
You must be logged in to reply to this topic. Login here