
Question


Case Study 3

Details of the Cyberattack

The centre was alerted to the possibility of an attack when a member of staff said they were having problems opening a document. Upon investigation, it was discovered that all documents on the network share had long names. Suspecting a cyberattack, the network was quickly disconnected from the Internet. It was then discovered that all files and folders on all network shares had been encrypted. There was a single text file in every folder acknowledging the presence of ransomware along with instructions on payment.

The centre had a two-level backup system in place. One was using an external hard drive to back up all documents in personal and network shares. The second was a magnetic tape system where the Exchange server and all emails were backed up. Unfortunately, it was determined that the external hard drive had failed over two months prior to the incident. This meant that the last known good backup was 60 days old. No alerts were issued to inform the centre of this failure. The tape backup was unaffected. Financial and EMR data was stored in the cloud and was unaffected.

A decision was made to contact the cyberattacker(s). Within a matter of hours, they received a reply asking for more details (e.g. number of machines affected, size of the organization, server operating systems). Realizing that doing this alerted the cyberattacker of a potential victim (and could also potentially affect the size of the ransom that would be requested), they immediately blocked the email address and domain. Back to reassessing the damage, it was decided to delete all the encrypted files and folders and fall back to the last known good backup that was done two months earlier. This decision was made fairly quickly since the number of files generated by users in that time span was determined to be fairly small. Within a matter of a few hours after the attack, the centre was operational again.

During the root cause analysis, it was discovered that there was a Windows 2003 server set up for remote access with an Internet-facing external port. It appeared that this server was used by a past system administrator for off-site administration. The current administrator was unaware of this as there was no previous system infrastructure documentation. It was through this server that unauthorized network access was achieved.

Insurance

The centre did reach out to their insurer who indicated that since they were not negotiating with the cyberattackers, they would not intercede.

Costs

Costs were associated with staff time working directly on the restore for an entire day.

You have to know your systems and architecture; every single part of it.
-System Administrator

Data Security Case Study

After reading the case study, discuss the following:

1. Describe each case study?
2. What were the effects of each breach?
3. How could healthcare information technology and technical safeguards aid in these situations?
4. What else could have been done to prevent the breaches?
