Problems at Unity Point Health
The following paragraphs describe about the data breach that took place at Unity Point health meriter hospital. The system of the hospital faced a phishing attack that compromised the data of about 1.4 million patients. There are several problems that occurred due to this data breach. The problems and issues that took place are discussed in the following paragraphs. The report also emphasizes on the impact of this phishing attack on the business of the hospital and the people. The measures that were taken by the hackers to perform the phishing attack are illustrated in the report. The also provides recommendations to prevent these types of attacks in future.
The Unity Point health, a multi-hospital delivery system that serves Lowa, Illinois and Wisconsin, faced a data breach in February 2018 that compromised the details of about 1.4 million patients (Davis, 2018). The health centre became the victim of a phishing attack that compromised the email accounts of some employees. The problem that took place due to this data breach was that the confidential data of the hospital was being accessed by the hackers. It gave the attackers access to the internal email account of the Unity Point health which was a significant problem as the hackers could have misused the confidential data of the organisation or patients. The major issue that the hospital faced was the unauthorised access of the hackers to the private details of the patients through the email accounts of the organisation that were compromised due to the phishing attack (Chhikara et al., 2013). The data breach was not identified by the Unity Point Health for some months that gave the hackers access to the data of the patients and confidential information of the organisation.
The Unity Point health suffered two consecutive data breaches in a gap of about four months. The first data breach that was faced by the organisation did not affect a large number of patients. The breach took place due to the phishing attack on the email account of an employee. Another data breach was reported by the Unity point that affected 1.4 million patients and the data of the organisation. The email accounts of the employees were hacked through the phishing attack (Leventhal, 2018). The internal emails of the organisation were being accessed by the hackers for one month that contained the confidential information of the Unity Point hospital. The details of the patients were also compromised due to the data breach that included names and contact details, addresses, email ids, medical reports, treatment information and other personal information of the patients (Gordon, Fairhall & Landman, 2017). The compromised information and data of the hospital included social security numbers, license numbers of the drivers, confidential data and health records of many customers. It was suspected the bank account details of the organisation and patients were also breached that included account numbers of the bank and details of the payment card.
Impact on the Organisation and People
It was revealed that a number of fraudulent emails were being received by the Unity Point and it appeared that the emails were coming from a trusted executive of the organization. The emails were phishing emails that were generated by the hackers and it asked the employees to reply with their confidential login details. The employees, unknowingly, provided their private sign-in details to the hackers by replying to the emails and it gave attackers access to the internal email accounts of the organisation for one month (Donovan, 2018). The accounts that were compromised included details of the emails, attachments to the emails including standard reports that were related to the health-care operations, protected health information and personal information of several patients. It was observed that the phishing attack focused more on diverting the business funds including vendor payments or payroll. The hackers got access to the personal information of the patients through the emails of the employees that contained data of the patients in the body of the email or in the attachments of the compromised emails.
The passwords of the compromised email accounts were reset by the Unity Point hospital after the attack. The phishing attacks can be prevented by the organisation in future conducting mandatory education regarding the phishing attacks for the employees, adding some security tools that can identify the suspicious emails and by implementing multi-factor authentications (Shekokar, 2015). The organisation is required to implement web filters that are configured to deny access to the unauthorised and fake websites or malicious websites in order to prevent phishing attacks. The web filter blocks downloading of the files that are associated with the malware (Sahu & Dubey, 2014). The employees should first make sure that the email is authorised before replying with the confidential data.
Conclusion:
It can be concluded from the above discussion that the data breach faced by the Unity Point compromised the confidential data of the organisation and personal information of many patients. The organisation became victim of the phishing attack that affected the email accounts of several employees containing the confidential information of the Unity Point. The attack gave the hackers access to the internal emails of the organisation and it compromised several personal information of the patients. The phishing attacks can be prevented by implementing some security tools that can recognise the suspicious emails (Banu & Banu, 2013).
The following paragraphs describe about the massive WannaCry and Petya attacks that were faced by the Taiwan Semiconductor Manufacturing Company, the largest producers of the processors and semiconductors and Maersk, the largest container shipping company in the world respectively. The report highlights that how the attacks affected the companies and the people. The ways through which the attacks were carried out are also discussed in the following paragraphs. The report also provides the measures and recommendations in order to prevent such ransom ware attacks in the future.
Accomplishment of the Attack
The Taiwan Semiconductor Manufacturing Company (TSWC) faced a WannaCry attack on July 2018 (Wu, 2018). The malware attack resulted in closure of many plants of the organisation that had an impact on the production of the company. The employees were unable to operate the tools that were infected and as a result, the company shut down the plant. The WannaCry attack faced by the company resulted in delay in production and shipping of the products. This cyber-attack that resulted in shut down of the several factories of the company had an impact on the performance of the company in the market. The company went through a financial loss due to the malware attack faced by the company. However, the Petya attack that was faced by the Maersk company infected the computers and servers of the company (Jasper, 2017). The workers were not able to access the data of the affected systems and therefore, the company had to replace forty five thousand computers, four thousand servers and install twenty five hundred software. The operation of the shipping are run through the computer system by the company, therefore the whole system of the company was affected by this attack. Maersk had to reinstall its entire infrastructure to resume the work of the company.
It was confirmed by the company that the WannaCry ransom ware was injected into the systems of the company. The outbreak of the virus that took place was due to the misoperation that was held during the instalment of a software for a new tool. It caused the virus to spread to the other machines or systems of the company when the infected tool was connected to the computer network of the company. The attack took place due to the instalment of the software tool without being isolated properly and it was confirmed to be free from virus or malware. (Porteous, 2018). The Taiwan Semiconductors Manufacturing Company confirmed that the incident took place due to negligence as the software tool was installed without being scanned and as a result, the systems of the company got infected by the WannaCry ransom ware. However, it was found that the Petya ransom ware was injected into the systems of the Maersk through the update server of MeDoc. The hackers compromised the update server of the software by injecting Petya ransom ware. It was injected in the systems of the company when the employees updated the software of their systems. It spread to entire system of the company when the infected computer was connected to the server of the company.
Prevention of Future Attacks
The Taiwan Semiconductor Manufacturing Company restored the data of the systems that were infected due to ransom ware attack, however the company can prevent its system from being attacked by the ransom ware or malware by giving proper training to its employees (Mohurle & Patil, 2017). The company can educate its employees to remain prevented from the WannaCry ransom ware attacks by giving them proper training. The employees are required to not to click on the suspicious or malicious links and any attachments on the web pages to remain prevented from the ransom ware attacks. It is required by the company to install appropriate anti-virus software in all the systems and servers of the company (Williams, McGraw & Migues, 2018). The files and data of the system that are affected by the ransom ware become inaccessible, therefore the companies should keep a backup of the data of the organisation to prevent any data loss due to any cyber-attack. However, the Maersk company reinstalled its entire system within ten days and adopted several measures to avoid such attacks in future. The Petya ransom ware can be prevented by instalment of proper antivirus software in each system of the company such as firewall (Mattei, 2017). It is required by the organisations to update the antivirus software regularly to avoid malware attacks in future.
Conclusion:
It can be concluded from the above discussion that the Taiwan Semiconductor Manufacturing Company was hit by a WannaCry ransom ware attack in July 2018. The incident took place due to the instalment of a software tool without being scanned properly. The cyber-attack made the company shut down the several factories as the systems that were infected became inaccessible. However, the Petya ransom ware attack that took place at Maersk company affected the entire system of the company. The Maersk had to reinstall its entire system after the attack. It took place due to update of a malicious software
References:
Banu, M. N., & Banu, S. M. (2013). A comprehensive study of phishing attacks. International Journal of Computer Science and Information Technologies, 4(6), 783-786.
Chhikara, J., Dahiya, R., Garg, N., & Rani, M. (2013). Phishing & anti-phishing techniques: Case study. International Journal of Advanced Research in Computer Science and Software Engineering, 3(5).
Davis, J. (2018). 1.4 million patient records breached in UnityPoint Health phishing attack. Retrieved from https://www.healthcareitnews.com/news/14-million-patient-records-breached-unitypoint-health-phishing-attack
Donovan, F. (2018). UnityPoint Allegedly Mishandled Healthcare Data Breach. Retrieved from https://healthitsecurity.com/news/unitypoint-allegedly-mishandled-healthcare-data-breach
Gordon, W. J., Fairhall, A., & Landman, A. (2017). Threats to Information Security—Public Health Implications. New England Journal of Medicine, 377(8), 707-709.
Jasper, S. (2017). Russia and Ransomware: Stop the Act, Not the Actor.
Leventhal, R. (2018). UnityPoint Health Notifies 1.4M Patients of Data Breach Caused by Phishing Attack. Retrieved from https://www.healthcare-informatics.com/news-item/cybersecurity/unitypoint-health-notifies-14m-patients-data-breach-caused-phishing-attack
Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent WannaCry Cyberattack. World neurosurgery, 104, 972-974.
Mohurle, S., & Patil, M. (2017). A brief study of wannacry threat: Ransomware attack 2017. International Journal of Advanced Research in Computer Science, 8(5).
Porteous, H. (2018). Cybersecurity: Technical and Policy Challenges. Library of Parliament.
Sahu, K. R., & Dubey, J. (2014). A survey on phishing attacks. International Journal of Computer Applications, 88(10).
Shekokar, N. M., Shah, C., Mahajan, M., & Rachh, S. (2015). An ideal approach for detection and prevention of phishing attacks. Procedia Computer Science, 49, 82-91.
Williams, L., McGraw, G., & Migues, S. (2018). Engineering Security Vulnerability Prevention, Detection, and Response. IEEE Software.
Wu, D. (2018). Terms of Service Violation. Retrieved from https://www.bloomberg.com/news/articles/2018-08-04/tsmc-takes-emergency-steps-as-operations-hit-by-computer-virus
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
