Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Another Cyber Attack on the Healthcare Industry

May 2024 by Stephen Kowski, Field CTO, SlashNext Satyam Tyagi, Vice President, ColorTokens

While it’s being reported that the Change Healthcare overall data breach costs are mounting to $1 billion, another cyber attack on one of the largest hospital systems in Illinois (and in the US for that matter) Ascension is taking its systems offline to investigate what it describes as a ‘cyber security event’.

The company said it had engaged cybersecurity consulting firm Mandiant to assist in the investigation and remediation process, and had notified law enforcement authorities.

This is a serious incident. Mandiant/Google is engaged and that is an indicator of a serious situation. They are diverting ambulances, which shows they do not have trust in their systems to do proper patient care. The incident was noticed Wednesday, even after 24 hours or more, extent of damage or containment is not known. They have also requested that their partners disconnect from their network - another indicator that the extent of the damage has not yet been identified. By actual patient testimony, computers are shut off and they are using charts, which indicates that not even backup recovery is online. At the moment, it seems that Ascension is doing everything they can, but recovery was not planned or effective. Moving forward, every hospital should thoroughly plan for breach and recovery and test those solutions extensively.

Stephen Kowski, Field CTO, SlashNext:
Ascension’s decision to instruct business partners to disconnect from its systems, while disruptive, is a necessary containment measure that underscores the sophistication of the attack, likely involving social engineering tactics. To bolster their defense against such insidious threats, Ascension should leverage AI-driven security solutions that can preemptively identify and neutralize social engineering attempts before they escalate. The similarity in attack vectors between the Ascension and Change Healthcare incidents suggests a pattern that may involve advanced social engineering techniques, exploiting human vulnerabilities. Healthcare organizations should adopt AI-powered security tools capable of detecting anomalous behavior indicative of social engineering, enhancing their resilience against such coordinated attacks.

Callie Guenther, Cyber Threat Research Manager at Critical Start:
The cybersecurity incident involving Ascension reveals several intelligence implications crucial for understanding both this specific event and broader cybersecurity threats to the healthcare sector. Insights into the types of cybersecurity threats faced by organizations like Ascension help in understanding the tactics, techniques, and procedures used by attackers. This incident highlights potential vulnerabilities in network systems of large healthcare providers, raising questions about their risk profiles. Ascension’s response, including engaging Mandiant and coordinating with authorities, provides a case study in incident response that can be analyzed for effectiveness. The readiness of Ascension’s care teams to handle disruptions shows the importance of preparedness and contingency planning in critical sectors.

Compliance with healthcare regulations like HIPAA, which mandates the protection of patient information, will be scrutinized, and any legal repercussions from compromised sensitive information could influence future regulatory actions. The incident emphasizes the importance of information sharing within the healthcare sector and with government agencies to improve defense mechanisms. If attackers are from a foreign nation, this could affect global cybersecurity policies. Insights from this incident can inform long-term security strategies and influence resource allocation towards cybersecurity defenses in healthcare, enhancing preparedness for future challenges.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts