Bronx-Lebanon hospital data breach
Question:
Discuss the Data Compromised in Bronx Lebanon.
According to Techopedia (2017), a computer security breach is any event that results in unapproved access to data, applications, services, networks and devices by circumventing their primary security tools. A security breach occurs when a person or a system unlawfully intrudes into private IT systems without authorization. Technology is advancing rapidly, but so is cybercrime. The number of data breaches tracked by June 2017 had increased by over 700 records compared to the same period in 2016 (Urrico, 2017). The number is expected to rise to about 1,500 by the end of the year. This report discusses two recent computer data breaches in two parts: Part A covers the Bronx-Lebanon hospital data breach that occurred in May 2017, and Part B covers the ransomware cyber-attack that also happened in May 2017.
In May 2017, Bronx Lebanon Hospital Center, based in New York City, was infiltrated, revealing the medical records of thousands of users. The breach exposed at least 7000 patients’ records (Cohen, 2017). The leaked data covered patients’ records between 2014 and 2017, including HIV statuses, medical health diagnoses, and domestic violence and sexual assault reports, alongside patient names, social security numbers, physical addresses, religion and addiction history (Cohen, 2017).
The Bronx Lebanon Hospital data breach occurred after an Rsync backup server, used to transfer and synchronize files between computer systems and hosted by iHealth Solutions, a third-party records management provider, was left in a vulnerable state (O’Hara, 2017). iHealth was managing the medical records for the hospital. The Rsync server is said to have been misconfigured and was therefore at great security risk (Sehgal, 2017). This left the server exposed, making it an easy target for hacking. The attacker was able to hack into the backup server hosted by iHealth and expose patients’ records (Sehgal, 2017). The actual length of time that patient records were exposed is not known. According to a statement by iHealth, only one person gained unapproved access to the records and there is no indication the records have been used inappropriately.
It is not yet clear why the attacker hacked into the server containing patients’ records. However, hackers are increasingly targeting the health care industry for the following reasons. First, health care organizations store large volumes of personal information that could be used for financial fraud, including names, social security numbers, and payment details (Davis, 2016). They also hold personal insurance details, which can be peddled online in black markets and used to commit medical fraud, including obtaining unpaid medical care or acquiring costly medical materials (Davis, 2016).
WannaCry ransomware cyber-attack
As stated above, technology is advancing rapidly. There are numerous emerging and disruptive technologies for businesses to adopt, including accessing software, cloud space and infrastructure over the Internet. However, there are risks involved in adopting technological advancements, chief among them the issue of security with upcoming technologies. The Bronx Lebanon Hospital data breach indicates a trend in which business organizations implement new technology architectures but fail to protect and secure such systems. Using a third-party vendor becomes even more risky when it comes to offering security. The following are possible measures that can be implemented to secure such systems, according to Wabo (2016):
- Secure all computer systems including those that may not be considered significant
- Train employees on how to use technologies securely without exposing them to hackers
- Update security procedures occasionally. Hackers are always implementing new methods of trying to intrude into systems. Updating security procedures periodically guards against attacks that result from a lack of system security updates.
- Reduce data transfers which may be tampered with or trespassed
- Encrypt all company data and information
- Ensure that only authorized and approved persons access data and information systems
- Install security infrastructure for data systems
- Make use of passwords to reduce illegal access to computer systems
- Implement two-factor authentication (2FA), a stronger layer of security that requires more than a password and a user name by adding another feature that only the user knows (SecurEnvoy, 2016)
- Implement intrusion detection systems (IDS) to detect attempts to access computer systems
- Secure all network systems to guard against data intrusions and data attacks
- Use up-to-date software in computer systems and install software patches, since unpatched software can make systems susceptible to attacks
May 2017 saw a good number of countries worldwide suffer a ransomware cyber-attack known as WannaCry. The ransomware is a cryptoworm that spreads quickly through computer systems via the Internet. The attack was directed at workstations running Microsoft Windows operating systems. WannaCry attacked systems by encrypting data and demanding ransom payments in the form of Bitcoin (BBCNews, 2017). The attack first started on May 12, 2017, and was reported to have infected over 220,000 computers in over 150 countries (Perlroth, Scott, & Frenkel, 2017). The ransomware, named WannaCry, encrypted data on more than 70,000 computers in about 99 countries. A ransom was demanded to decrypt all the systems that were encrypted (Perlroth, Scott, & Frenkel, 2017). The attack started on Ukrainian government and business computer systems (BBCNews, 2017). The attack then spread from Ukraine, affecting computer systems around the world (Perlroth, Scott, & Frenkel, 2017). European states, together with Russia, were amongst the worst hit by the attack (BBCNews, 2017). The attack was contained, slowed down and stopped by a security researcher's use of a kill switch, but the danger is not yet over (BBCNews, 2017).
According to an article in the New York Times by Perlroth, Scott, & Frenkel (2017), in Ukraine, where it all started, the attack affected Ukraine’s Infrastructure Ministry, the national railway company, the postal service, and Ukrtelecom, one of the country’s principal communications companies. In Britain, the health care systems were affected: hospitals were locked out of their systems and doctors could not call up patient files. In the UK, National Health Service (NHS) staff showed screenshots of the WannaCry worm, which demanded a payment of about $300 in Bitcoin to decrypt computer files. The attack targeted computer systems in many other countries, such as FedEx in the US. In Spain, the company Telefonica was a target, while MegaFon in Russia was also affected (Perlroth, Scott, & Frenkel, 2017). The attack spread for five days across Ukraine and to other countries all over the world, including Germany, France, Portugal, China, Indonesia, South Korea, Spain, Italy, Sweden and India, among others (BBCNews, 2017). On entering computer systems, the attack would encrypt all the files and shut down the systems so that they could not be used until the hackers decrypted them after the affected organizations paid a ransom.
Risks of adopting technological advancements
It is still unclear who is behind the May 2017 global cyber-attack. However, the tool that made the attack possible is alleged to have been developed by the US National Security Agency (NSA) to make use of a flaw in Microsoft’s Windows operating system (Rizkallah, 2017). This exploit, identified as EternalBlue, was taken by Shadow Brokers, a group of hackers who made it freely available in April as a way of protesting against President Donald Trump. The WannaCry ransomware spreads by means of EternalBlue, which exploits a flaw in the Windows Server Message Block (SMB) protocol. The attack was initiated through a phishing attack. Once it had infected a computer system, it spread across other computer systems as a computer worm.
The attack hit users and organizations that were still using old Microsoft Windows operating systems. Those who were still running old versions of Microsoft Windows that the company no longer supports, including Windows XP and Windows Server 2003, were originally at risk. However, Microsoft was able to release an alternative security patch for these operating systems (Warren, 2017). Practically all the organizations hit by the cyber-attack were running Windows 7. Some measures that could have been used to prevent the attack include software patches. The security patch released by Microsoft protected computers against the attack if they had been updated by installing it (BBCNews, 2017). The infections appeared to be delivered by a computer worm that was spreading across the Internet. Securing computer network systems would also have prevented the attack. It was reported that the attack started as a phishing email attack. Training users on system security would also have helped avoid such an attack, since users would be able to distinguish authorized from unauthorized parties.
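Worm-style spread over SMB, as described above, shows up on the network as one host opening SMB connections to many different peers in a short time. The following Python sketch is an added example (not taken from the cited reports) of how an intrusion detection rule could flag that pattern; the flow records, addresses, 60-second window and threshold of five peers are constructed assumptions, and TCP port 445 is the standard SMB port.

```python
from collections import defaultdict, deque

SMB_PORT = 445  # standard TCP port for SMB

# Constructed flow records: (epoch_seconds, source, destination, dest_port)
FLOWS = sorted(
    # one workstation touching a new SMB peer every second
    [(1000 + i, "10.0.0.23", f"10.0.0.{100 + i}", 445) for i in range(8)]
    # a normal client talking repeatedly to a single file server
    + [(1000 + 5 * i, "10.0.0.40", "10.0.0.10", 445) for i in range(8)]
    # a host reaching several peers, but far too slowly to fit one window
    + [(1000 + 200 * i, "10.0.0.50", f"10.0.0.{200 + i}", 445) for i in range(6)]
    # non-SMB traffic, ignored by the rule
    + [(1003, "10.0.0.23", "10.0.0.10", 443)]
)

def smb_fanout(flows, window=60, threshold=5):
    """Return {source: time of first alert} for hosts that reach at least
    `threshold` distinct SMB peers within `window` seconds.
    `flows` must be sorted by timestamp."""
    recent = defaultdict(deque)  # source -> (timestamp, peer) pairs in the window
    alerts = {}
    for ts, src, dst, dport in flows:
        if dport != SMB_PORT or src in alerts:
            continue
        q = recent[src]
        q.append((ts, dst))
        while q and ts - q[0][0] > window:  # drop entries older than the window
            q.popleft()
        if len({peer for _, peer in q}) >= threshold:
            alerts[src] = ts
    return alerts

if __name__ == "__main__":
    for host, when in smb_fanout(FLOWS).items():
        print(f"{host}: SMB fan-out threshold reached at t={when}")
```

Only the first constructed host is flagged; the single-server client and the slow host stay below the threshold, which is the trade-off to tune against legitimate scanners and management servers.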
Conclusion
Computer technology keeps evolving, and newer technological advancements are developing every other day. Technologies such as the Internet of Things create many more interconnections, which increases the vulnerabilities of systems and computer networks. Increasing technology also means increased computer attacks. Cyber security, which is a body of tools, procedures and technologies aimed at protecting computers, programs and systems from attack, damage or unauthorized access, is growing rapidly (Rouse, 2016). According to Forbes, the global cyber security market reached about $75 billion in 2015 and is projected to reach above $160 billion by 2020 (Rizkallah, 2017). Organizations cannot afford to secure some systems they consider important and leave out others. Businesses have to implement secure systems to safeguard their data and information; failing to do so puts them at high risk of information loss and manipulation. Companies have to put security policies and procedures in place to be able to prevent future data breaches. Companies should also invest in training employees on how to secure their systems, as many hackers use either phishing or social engineering attacks to acquire login details from unsuspecting employees. This is the only way to prevent such attacks and to be in a position to deal with them when they occur.
References
BBCNews. (2017, May 13). Cyber-attack: Europol says it was unprecedented in scale. Retrieved from BBC News: https://www.bbc.com/news/world-europe-39907965
Cohen, J. K. (2017, May 11). 7,000+ people affected in New York hospital data breach: 4 things to know. Retrieved from Beckers Healthcare: https://www.beckershospitalreview.com/healthcare-information-technology/7-000-people-affected-in-new-york-hospital-data-breach-4-things-to-know.html
Davis, T. (2016, March). Why hackers want your health care information, and how easy it is to get. Retrieved from Dallas News: https://www.dallasnews.com/business/health-care/2016/03/28/why-hackers-want-your-health-care-information-and-how-easy-it-is-to-get
O’Hara, M. E. (2017, May 10). Thousands of Patient Records Leaked in New York Hospital Data Breach. Retrieved from NBC News: https://www.nbcnews.com/news/us-news/thousands-patient-records-leaked-hospital-data-breach-n756981
Perlroth, N., Scott, M., & Frenkel, S. (2017, June 27). Cyberattack Hits Ukraine Then Spreads Internationally. Retrieved from New York Times: https://www.nytimes.com/2017/06/27/technology/ransomware-hackers.html?mcubz=0
Rizkallah, J. (2017, August 25). The Cybersecurity Regulatory Crackdown. Retrieved from Forbes: https://www.forbes.com/sites/forbestechcouncil/2017/08/25/the-cybersecurity-regulatory-crackdown/#4c8f13674573
Rouse, M. (2016). cybersecurity. Retrieved from TechTarget: https://whatis.techtarget.com/definition/cybersecurity
SecurEnvoy. (2016). What is 2FA? Retrieved from SecurEnvoy: https://www.securenvoy.com/two-factor-authentication/what-is-2fa.shtm
Sehgal, S. (2017, May 19). Over 7,000 Patients’ Data Compromised in Bronx Lebanon Hospital Data Breach. Retrieved from https://securingtomorrow.mcafee.com/business/7000-patients-data-compromised-bronx-lebanon-hospital-data-breach/
Techopedia. (2017, August 26). Security Breach. Retrieved from Techopedia: https://www.techopedia.com/definition/29060/security-breach
Urrico, R. (2017, August 26). Top Data Breaches of 2017. Retrieved from Credit Union Times: https://www.cutimes.com/2017/07/21/top-data-breaches-of-2017
Wabo, B. (2016, October 11). 14 Ways to Prevent Data Breaches in Your Organization. Retrieved from A-lign.com: https://www.a-lign.com/14-ways-prevent-data-breaches-your-organization/
Warren, T. (2017, May 13). Microsoft issues ‘highly unusual’ Windows XP patch to prevent massive ransomware attack. Retrieved from The Verge: https://www.theverge.com/2017/5/13/15635006/microsoft-windows-xp-security-patch-wannacry-ransomware-attack