Week 2 Case study 4: Ransomware attack (Chalermphon)

[Saranath]

Please read your friend’s report and provide comments on “Are there any other preventive measures to avoid the attack?”.

Case study 4 : Ransomware attack on fetal diagnostic lab breaches 40,800 patient records

(https://www.healthcareitnews.com/news/ransomware-attack-fetal-diagnostic-lab-breaches-40800-patient-records)

 

1.Provide a brief description of the story.

             June 2018, Fetal Diagnostic Institute of the Pacific was hit by Ransomware attack on personal information some patient records of fetal diagnostic lab breaches but Officials took immediate action to contain the incident and enlisted a cybersecurity firm. They were able to successfully and installed further protections to better prevent future incidents. Backup data server is very important from the situation because of they maintained for contingency and were able to restore the impacted data.

 

2.What is/are the impact of this data breach? Consequences of the data breach.

            Personal information destroy, cannot work and leakage. Consequences of the data breach is cannot process some patient information in patient system. It will be damage to the server or some data loss.

 

3.How did the data breach occur?

            The situation talked about the weak point of security and privacy as often employees are the weakest links to accessed something or open some email or used other software but it have many way to attack server such as low security and privacy the gab of network system, rack of update operation and software.

 

4.What should be the main cause of the data breach? Provide a brief explanation of the cause of data breach, such as phishing, ransomware, HIPAA violation, database misconfiguration, human error, third-party vendor error)?

            I think main cause of the data breach in situation is weak point of employees because of Ransomware attack Will come as an credible email attachment and advertisement. Ransomware not designed to steal user information in any way. But will encode or lock files such as documents, images, videos, users will not be able to open any files if they are encrypted which means that encryption is required to use the unlock key to recover the data or call Ransom.

 

5.How could you prevent this data breach attack?

1. Risk analysis to identify threats and vulnerabilities on electronic protected health information.
2. Design and develop methods to protect the system from various types of malware, including ransomware.
3. Train employees to detect malware and report detection results to relevant parties
4. Restrict access Only for people or software that is needed
5. Prepare emergency plans such as Disaster Recovery and have regular backup plans and create incident action plan (IAP) of system.

• This topic was modified 3 years, 11 months ago by admin.
• This topic was modified 3 years, 11 months ago by admin.
• This topic was modified 3 years, 11 months ago by admin.

[tullaya.sita]

– increase awareness of employee about cyber security including the phishing email
– scan the mobile storage devices with the up to date virus database program regularly before connect to the computer in the systems

[Pyae Phyo Aung]

Regular awareness raising of employees about the cyber safety and security.
Notice the preventive methods of cyber attack and ransomeware attack such as phishing alert, regular update anti virus software, window update, do not visit pirate sites and/or download & install pirated software.

[Ameen]

Ransomeware targets server store data are financially worth hacking such as credit card numbers, identifiable information. To make the dataset less juicy, the data should be collected only need-to-know data and should be stored with de-identifiable form.

[Author]

Posts