When a company’s systems are hacked, it can have serious financial ramifications. When a hospital falls prey to a cyber attack, it can have devastating consequences to its patients as well. Hollywood Presbyterian Medical Center was just attacked and it’s interfering with their day-to-day operations. Staff at the hospital told a reporter that the computer system was hacked and was being held ransom for 3.4 billion in bitcoins. The hackers will provide information on how to restore the system if the ransom is paid.
The hospital is severely hindered in its ability to care for patients while the systems are down. The computers are used to document patient care, transmit lab work, share x-rays and CT scans, and much more. In addition, any medical records of patients previously at the hospital are inaccessible because of this attack.
After an attack like this, it’s very easy to point fingers and lay blame. But the truth is that it’s not always easy to determine where the vulnerabilities are in a system. In this case, the attack most likely resulted from:
1. A gap in security controls – there may have been no antivirus software protecting the hospital’s systems. Or there may have been no access control solution, enabling a hacker to easily get into the system and wreak havoc.
2. Failure of an existing control – there may have been antivirus software protecting the system but it wasn’t kept up to date.
So how could the hospital have prevented this from happening? Pathlock’s Cyber Governance solution provides continuous security controls monitoring that would have identified control failures and the associated systems as leading risk indicators. It would link the vulnerability to the risk of service unavailability if it wasn’t corrected and an attack occurred. Basically, it raises a red flag to clearly show vulnerabilities and what the impact to the business would be.
But what if the malware was downloaded by a user after clicking on an email link? The malware installed on the user device may start sending and receiving messages from a remote command and control server. This could have been caught with an anomaly detection solution. Pathlock’s Cyber Governance would then correlate the compromised IP (malware alert, botnet alert) with its accessibility to the hospital’s critical systems. In addition, if the malware was sending patient records from the hospital’s database to an external IP, the Pathlock’s Cyber Governance would report on the sensitive data requests from external IP or non-typical IPs.
Don’t wait for a cyber attack to expose your vulnerabilities. Find out how Pathlock’s Cyber Governance automates the linkage between your cyber policies and standards with underlying controls, highlighting areas of exposure. Contact Pathlock today.