Forgot your password?
typodupeerror
Security Medicine IT

Healthcare Organizations Under Siege From Cyberattacks, Study Says 61

Posted by Soulskill
from the it's-hip-to-ignore-hippa dept.
BigVig209 sends this report from the Chicago Tribune: "A new study set to be officially released Wednesday found that networks and Internet-connected devices in places such as hospitals, insurance companies and pharmaceutical companies are under siege and in many cases have been infiltrated without their knowledge. ... In the report, the groups found from September 2012 to October 2013 that 375 healthcare organizations in the U.S. had been compromised, and in many cases are still compromised because they have not yet detected the attacks. ... 'What's concerning to us is the sheer lack of basic blocking and tackling within these organizations,' said Sam Glines, chief executive of Norse. 'Firewalls were on default settings. They used very simple passwords for devices. In some cases, an organization used the same password for everything.'"
This discussion has been archived. No new comments can be posted.

Healthcare Organizations Under Siege From Cyberattacks, Study Says

Comments Filter:
  • Low-level DDOS (Score:3, Interesting)

    by ahs_boy (125818) on Wednesday February 19, 2014 @10:36AM (#46285651) Homepage

    One of my clients is an umbrella organization for a few local community health centers, and there has been a steady stream of empty POST submissions to their website -- at the rate of about 2/second -- for about 4 straight months now. Virtually every hit is from a unique IP address, so the spoofing is either great, or the botnet is enormous. This is normally a VERY low-traffic site, so the attack constitutes about 99% of their traffic at this point.

    I'm assuming that the timing of the start of the attacks -- just as the Affordable Health Care Act came into effect -- is not a coincidence. It's a brain-dead attack, and easy to mitigate, but I'm a bit dumbfounded that it continues to this day, despite having no effect on the accessibility of their site at all.

You can do this in a number of ways. IBM chose to do all of them. Why do you find that funny? -- D. Taylor, Computer Science 350

Working...