A few weeks ago, a nearby hospital, which is very similar in operations and scale to Auburn Regional, was the target of a ransomware attack. You have kept a close eye on this event. You decide to complete a review of current material available regarding ransomware attacks and especially ransomware and hospital enterprise systems.
Develop a 1- to 2-page chart. Your chart should have four columns for Authorization, Authentication, Roles, and Mitigation, as well as three columns for Small, Medium, and Large businesses. The chart should compare four attributes that are critical in enterprise systems today. Populate and extrapolate what steps can be taken to mitigate threats for small, medium, and large hospital enterprise systems.
This is a total of 7 columns! The rows are the 4 attributes noted above that you likely touched on in past assignments. This will almost certainly be a spreadsheet since it has columns (and rows are implied).
Based on your chart, provide a final recommendation on how the hospital can respond to the threat. Summarize your chart findings, provide your recommendation, and answer the following questions in a brief, 2 page executive summary to the Auburn Regional management team:
How could changes to authorization, authentication, and roles help mitigate and deal with these systems threats?
How do you verify people and security levels?
How will your recommendations alleviate the threat?
—
Ransomware in Healthcare Facilities
Small business Medium business Large business
Authorization For small businesses, the best manager for passwords is Dashlane since it has a user-friendly interface, a secure password sharing and an audit reporting that is advanced. A sender policy framework can be applied to preventing spammers from accessing the domain of a medium business. It also helps in publishing authorized mail servers. It is good for large businesses to have a contact person; policies should govern passwords’ changing. The employees have to be sensitized and informed on password access, which helps in improving productivity.
Authentication A small business or rather a hospital should use a strong password as an authentication type mechanism. Medium businesses have to use a strong username or password to prevent easy access into the systems For a large business, it is necessary to use a SMART card, Biometrics and strong passwords.
Roles The owner of the small business’s role is to set up web and email filters to avoid attacks like ransomware. For medium businesses, the manager should ensure that all wireless access points and networks are secure. For large businesses, the management should ensure that access to data and information by employees is limited.
Mitigation Backing up files in a small business is one of mitigating an attack like ransomware in small businesses. For medium businesses, it is good to have system-level protections and network-level protections. It is also good to back up files now and then. For large businesses, there should be the training set out for employees on how to deal with attacks. All files need to be backed up daily, there should be insurance that will help recover the items covered.
In a case where ransomware gains access to patient data, healthcare facilities are prone to cyber-attacks, which becomes a significant problem. A ransomware virus exploits a vulnerability such as a computer or a server that is not encrypted at rest. Still, encryption is done only to information during outgoing and incoming transactions (Brewer, 2016). in most cases, the employees are the entry point for ransomware due to their negligence by clicking the malicious files found in initial emails or receiving a second simulated phishing email.
The changes to authorization or rather an identity and access management would help the facility in the security plan since it is inseparably linked to any business or organization’s productivity and security. There is also a need for facilities and organizations to provide access to employees, vendors, partners and vendors with their own set of access requirements and restrictions. Changes in authentication mean that application login details must be changed, the password has to be changed, secret questions, predictable initial passwords, predictable user names and passwords that never expire all have to be changed.
That will help in closing the loopholes that make the systems vulnerable to authentication attacks. Changing the roles or rather role separation helps reduce the impact of a specific employee turning against the company. A manager should not be given the privilege to install software if he does not need to use it regularly (Kruse, Frederick, Jacobson & Monticone, 2017). Also, a system administrator who is not authorized to alter the database server can only ask the database administrator to document the actions taken. It helps in protecting the company from having chances of failure and privilege creep.
Security level verification is conducted by acquiring the comprehensive zone and conduit diagram, documenting all devices in boundary used in segmenting zones of higher security and the security level targets of each zone as well as finding the criteria used by the organization in determining the tolerable frequency of attacks that are successful of severity that varies (Enoch, Hong, Ge & Kim, 2020). Identity verification Helps in establishing trust online. It is done by requesting and validating more than one form of identification, such as charging a person’s credit card some amount, having to deposit some amount into a person’s bank account to make them verify the amount and sending a postcard to their address.
Backing up data is a critical step in any prevention plan. There has to be a way of restoring the encrypted files to avoid paying a ransom to continue with the business. Although with ransomware attacks backing up data may not be enough, it must also be backed up in a way that the process is not connected to computers or networks during the performance, or lest the backup also becomes held for ransom or encrypted. During a ransomware attack, the property damaged includes hardware, software, and the ERH records, which are either damaged or lost during the attack. The server equipment could also be damaged as a result of a malware attack.
Healthcare organizations are the most vulnerable to cyber-attacks. That is because of their growing dependence on computer systems by clinicians. The computer systems are used in the treatment of patients, and any attack performed on this system can cause system outages that impact patient care. Proper preparation for these attacks can reduce the damage to the infrastructure and help acquire a timely recovery from cybersecurity threats. The recovery plans need to be constantly evaluated by the IT executives as threats evolve daily.
References
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network Security, 2016(9), 5-9.
Kruse, C. S., Frederick, B., Jacobson, T., & Monticone, D. K. (2017). Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and Health Care, 25(1), 1-10.
Enoch, S. Y., Hong, J. B., Ge, M., & Kim, D. S. (2020). Composite metrics for network security analysis. arXiv preprint arXiv:2007.03486.
