web analytics

Hospitals Hacked: Urgent Care Needed – Source: securityboulevard.com

hospitals-hacked:-urgent-care-needed-–-source:-securityboulevard.com
Rate this post

Source: securityboulevard.com – Author: Veriti Research

In recent research by Veriti, a significant cyber security breach at Change Healthcare highlighted severe vulnerabilities in healthcare data security, affecting over 1.35 million files. This breach involved multiple healthcare and insurance providers, exposing sensitive data like medical records and personal identifiers, leading to far-reaching implications. The study aims to underscore the critical need for proactive and safe remediation across interconnected healthcare networks

Example for sensitive data that was stolen:

Searching for the exposed vein: how the attackers started

In the recent attack on Change Healthcare, part of UnitedHealth Group, the ransomware group BlackCat, also known as AlphV, exploited crucial data exchange processes between healthcare providers and insurers. This breach led to the exposure of a vast array of sensitive information including medical records, financial details, and personal identifiers like Social Security numbers. The implications of such a breach are profound, affecting countless individuals and organizations connected within the healthcare ecosystem. 

Spreading like cancer: the impact of the breach 

Veriti’s research identified at least 30 organizations that were directly impacted by the breach. Among these, prominent health insurers like UnitedHealthcare, Blue Cross Blue Shield, Humana, and CareFirst have been severely affected due to their reliance on Change Healthcare for crucial data processing and claims management.

In addition to insurers, several regional hospitals and healthcare systems have felt the breach’s impact, including Erlanger Health System, Appalachian Regional Healthcare, Pelham Medical Center, and others spread across the U.S. longer-term challenges These institutions may not only be dealing with the immediate fallout from disrupted operational and financial processes, but are also facing long-term challenges related to patient trust and data security.

Tech-oriented healthcare entities like PatientPay & Epic Systems have also been impacted, facing potential risks related to intellectual property theft and loss of client confidence. Similarly, organizations with a broader humanitarian reach, such as the American Red Cross, as well as the National Council on Aging (NCOA), which deals with sensitive elderly information, are confronting issues related to the security of donor and volunteer information, which could affect their crucial operations and public perception. The exposure of such critical data places millions of individuals at risk of identity theft and financial fraud.

The geographic spread of the breach’s impact is extensive, affecting entities across multiple states, from large urban centers to smaller regional locales. The interconnected nature of modern healthcare infrastructure and the broad scale of potential disruption can stem from a single point of failure in cyber security measures.

The insights from Veriti research leads us to one conclusion for healthcare, the need to adopt continuous exposure assessment and safe remediation across the sector.

Sec and the Business: A Security Pro’s Guide to Exposure Assessments and RemediationUnderstanding the impact of remediation  is crucial for mitigating the risks associated with security actions and ensuring that these interventions do not inadvertently compromise business operations. By conducting comprehensive impact analyses before implementing remediation measures, organizations can anticipate potential disruptions and weigh the benefits of security enhancements against operational risks. This involves evaluating the potential for:

  • System Downtime
  • The effect on User Experience
  • False Positives leading to Business Disruption

Such assessments enable security teams to tailor their remediation strategies in a way that maximizes security benefits while minimizing any negative impact on business processes, ensuring that the organization maintains its operational integrity and resilience in the face of necessary security improvements.

References for Research:

Distribution by Known File Types:

File Types Per Category:

  • Document: csv, doc, fmt, html, pdf, ppt, rpt, rtf, txt, xls, xml
  • Executable: bat, cmd, dll, exe, jar
  • Data File: bcp, cfg, dat, dbf, edi, log, mdb, pgp, sql, tmp, zip
  • Image: bmp, emf, gif, img, jpg, png, tif
  • Email: email, msg

File Types Count:

pdf: 204398log: 111751txt: 61380html: 43981zip: 25655bcp: 23117csv: 16552email: 13333pgp: 7008emf: 5981xls: 5287edi: 4614grp: 3104ppq: 3034rcv: 2756png: 2529ack: 2491doc: 2127sql: 1848msg: 1614xml: 1488def: 1192rtf: 1084fmt: 927jpg: 913rpt: 716eps: 435  dll: 432pkg: 375trn: 343lnk: 340eob: 331stm: 250941: 231pcx: 203mdb: 193err: 185asc: 172lxf: 167exe: 153dat: 150duc: 143dbf: 141tgz: 133prg: 131era: 129000: 112271: 100837: 99out: 99don: 98url: 91dtd: 90pma: 90 trc: 83pdb: 78gif: 78css: 75bad: 74bch: 71xlk: 70cmp: 64fix: 64sfv: 64bat: 63hrr: 61ini: 58inq: 55hrn: 50prt: 45ttf: 44wav: 39del: 38tag: 37cli: 35cdx: 35ppt: 35ghr: 32bak: 30ldf: 29hhr: 28 vsd: 28msi: 27bmp: 26cfg: 24obj: 24tmp: 23cab: 23chm: 23cpp: 22nte: 21img: 21tif: 20cmd: 20jar: 18 

Distribution of File Sizes in Megabytes:

File count by Associated Organization:

San Mateo County Health: 105756Epic Systems Corporation: 57639OpenText StreamServe: 49099Community Oncology Alliance: 45406Pelham Medical Center: 34893Health Partners Plans: 31955University Medical Center: 16183Carolinas Medical Center: 2606PatientPay: 8227American Red Cross: 5416Appalachian Regional Healthcare: 5127Arkansas Best Corporation: 3124Community Health Centers: 2606Appalachian Regional Healthcare in Montana: 2415Humana Inc.: 2015 Erlanger Health System: 1947Anthem Inc.: 1934Aetna Inc.: 1831UnitedHealthcare: 1692Geisinger Health: 1572Massachusetts Nurses Association: 1511Blue Cross Blue Shield: 944Palmetto GBA: 1449MedicAid: 620Change Healthcare: 781CareFirst: 551NCOA: 573Whitesburg: 494Middlesboro: 459McDowell: 443

Life Support aka Safe Remediation

The final analysis on Change Healthcare reveals a compelling narrative on the critical need for safe and calculated remediation strategies in the healthcare sector. Addressing vulnerabilities  with smart remediation plans is essential to ensure that necessary security updates do not lead to unintended consequences such as system downtime, degraded user experience, or operational disruptions due to false positives. This approach helps maintain the operational integrity and trust essential in healthcare, ensuring systems remain robust and secure while minimizing impacts on critical healthcare services and patient care.

The post Hospitals Hacked: Urgent Care Needed appeared first on VERITI.

*** This is a Security Bloggers Network syndicated blog from VERITI authored by Veriti Research. Read the original post at: https://veriti.ai/blog/hospitals-hacked-urgent-care-needed/

Original Post URL: https://securityboulevard.com/2024/05/hospitals-hacked-urgent-care-needed/

Category & Tags: Security Bloggers Network,Blog,research – Security Bloggers Network,Blog,research

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Codrut Andrei
Secure Software Development Lifecycle Fundamentals by Codrut Andrei
Secure Software Development Lifecycle Fundamentals...
BUTTERWORTH-HEINEMANN
Security Operations Center Guidebook – A Practical Guide for a Successful SOC
Security Operations Center Guidebook –...
CISO Forum
CISO’s – First 100 Days Roadmap – Your success as a security leader is determined largely by your first 100 days in the role.
CISO’s – First 100 Days...
RedHat
State of Kubernetes Security Report 2022 by RedHat
State of Kubernetes Security Report...
National Cyber Security
Cyber Security Toolkit for Boards – Helping board members to get to grips with cyber security by NCSC
Cyber Security Toolkit for Boards...
WILEY
Cybercrime Investigators Handbook by WILEY
Cybercrime Investigators Handbook by WILEY
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

Hacker Combat
How are Passwords Cracked ? by Hacker Combat.
How are Passwords Cracked ?...
N/A
Security Metrics & KPIs for Measuring SOC Success – Measure Up: How SOC Metrics Elevate Your Security Posture.
Security Metrics & KPIs for...
Sectrio
The Global OT & IoT Threat Landscape Assessment and Analysis rEPORT 2024 by Sectrio Threat Research Lab Initiative.
The Global OT & IoT...
ISA SECURE
The Case for ISA/IEC 62443Security Level 2 as a Minimumfor COTS Components
The Case for ISA/IEC 62443Security...
Huntress
2024 Cyber Threat Report
2024 Cyber Threat Report
NACD - Intenet Security Alliance
2023 Director’s Handbook on Cyber-risk Oversight
2023 Director’s Handbook on Cyber-risk...
Devoteam
14 Cybersecurity Trends for 2024
14 Cybersecurity Trends for 2024
IGNITE Technologies
MEMORY FORENSICS VOLATILITY
MEMORY FORENSICS VOLATILITY
CAREER UP
7 Steps to your SOC Analyst Career
7 Steps to your SOC...
National Cyber Security Centrum
Managing Insider Threats
Managing Insider Threats
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...

More Latest Published Posts

Accenture
THE NEXT-GENERATION Building a Digital Central Bankfor a Digital Age
THE NEXT-GENERATION Building a Digital Central Bankfor a Digital Age
Thecyphere
Microsoft EntraID (Azure)ConditionalAccess
Microsoft EntraID (Azure)ConditionalAccess
aws
AWS Security Incident Response Guide
AWS Security Incident Response Guide
Government of South Australian
South Australian Cyber Security Framework
South Australian Cyber Security Framework
NAO -National Audit Office
Audit and Risk Assurance Committee Effectiveness Tool
Audit and Risk Assurance Committee Effectiveness Tool
WWW. D E V S E COP S G U I D E S . CO M
Attacking Docker
Attacking Docker
W W W . D E V S E C O P S G U I D E S . C O M
Attacking AWS – Offensive Security Aproach
Attacking AWS – Offensive Security Aproach
ENISA
Artificial Intelligence and Cybersecurity Research 2023
Artificial Intelligence and Cybersecurity Research 2023
MuleSoft
API Security Best Practices – Protect your APIs with Anypoint Platform
API Security Best Practices – Protect your APIs with Anypoint Platform
Green Circle
All about Security Operations Center
All about Security Operations Center
DAZZ
A Guide to Building a Secure SDLC – Which Scanning Tools Should I look at, and where do they go?
A Guide to Building a Secure SDLC – Which Scanning Tools Should I look at, and where do they go?
zimperium
2023 Mobile Banking Heists Report
2023 Mobile Banking Heists Report
40 under 40
40 under 40 in CyberSecurity 2024
40 under 40 in CyberSecurity 2024
HADESS
40 Days in DeepDark Web About Crypto Scam
40 Days in DeepDark Web About Crypto Scam
Everbridge
8 Principles of Supply Chain Risk Management
8 Principles of Supply Chain Risk Management
CHAOSSEARCH
Threat Hunter’s Handbook – Using Log Analytics to Find and Neutralize Hidden Threats in Your Environment
Threat Hunter’s Handbook – Using Log Analytics to Find and Neutralize Hidden Threats in Your Environment
ENDGAME
The Hunters Handbook Endgame’s Guide to Adversary Hunting
The Hunters Handbook Endgame’s Guide to Adversary Hunting
THE EU’S MOST THREATENING by EUROPOL
THE EU’S MOST THREATENING by EUROPOL
National Cyber Security Centre
Responding to a cyber incident – a guide for CEOs
Responding to a cyber incident – a guide for CEOs
IGNITE Technologies
CREDENTIAL DUMPING
CREDENTIAL DUMPING
HADESS
Pwning the Domain Lateral Movement
Pwning the Domain Lateral Movement
Jorgen Lanesskog
PING Basic IP Network Troubleshooting
PING Basic IP Network Troubleshooting
TELESOFT
Layer 7 Visibility What are the Benefits?
Layer 7 Visibility What are the Benefits?
TIGERA
Introduction to Kubernetes Networking and Security
Introduction to Kubernetes Networking and Security
Department of Defense's (DoD)
Defense Industrial Base Cybersecurity Strategy 2024
Defense Industrial Base Cybersecurity Strategy 2024
Dummies
Zero Trust Access for Dummies Fortinet
Zero Trust Access for Dummies Fortinet
Homeland Security
Zero Trust Implementation Strategy
Zero Trust Implementation Strategy
National Australia Bank Limited
Your Business and Cyber Security
Your Business and Cyber Security