Advisory Panel: Web Hackers
The HIStalk Advisory Panel is a group of hospital CIOs, hospital CMIOs, practicing physicians, and a few vendor executives who have volunteered to provide their thoughts on topical industry issues. I’ll seek their input every month or so on an important news developments and also ask the non-vendor members about their recent experience with vendors. E-mail me to suggest an issue for their consideration.
If you work for a hospital or practice, you are welcome to join the panel. I am grateful to the HIStalk Advisory Panel members for their help in making HIStalk better.
This question this time: Have web hackers ever impacted your operation?
Hackers did once penetrate our organization. They never got close to any HIPAA-related data. What they did do is get into our phone systems so that they could make international calls for free for a short time until we shut things down.
We have not seen any specific attacks or hacks. We have had several security audits, so I believe we are well documented and not just whistling past the graveyard. I know that larger providers in our area have had these types of attacks but I think we remain below the radar.
Aside from a virus outbreak many years ago, we have not had any known breaches or attacks that have affected our operations.
Our organization has not documented DDOS attacks, unauthorized network access, or server compromises.
Not yet. We do penetration testing / white hat hacking to help reduce our risks. I am not sure if any organization can ever reduce their risks to zero.
No. The bigger issue has been phishing.
So far, no. We use some network appliances that monitor and protect the perimeter. I’m sure it will happen some day!
Fortunately we haven’t had any major attacks or unauthorized network access. Roughly five years ago we did experience a compromised windows 2003 server hosting DNS externally for our organization. It was a known OS vulnerability and we didn’t have it patched on time. At the end of the experience we ended up removing and rebuilding the server vs. attempting to correct the unauthorized access.
We have not had any impact to date, though there have most certainly been attempts. I have a very talented IT security team that does an amazing job every day to keep us safe. I do have concerns, however, about the increasing attempts to hack us through biomedical devices. This is not an area where these vendors are very robust, so we are building capabilities to better monitor and support security in this area.
No. However, we are concerned about our ability to monitor and discover these types of activities. We continue to focus our security efforts to create a multi-layered infrastructure and provide better discovery tools for our staff members. We also feel it is important to implement as many “self-healing” security services as possible (example: the system can “see” a phishing message and automatically create a rule that protects our users, even if they click on the link).
Not hackers, but a virus. Lesson learned. Remove the exclusions from all application servers on a regular basis and run virus scan. Applications that will not run with AV scanning certain directories are places for a virus to take hold. Implementing an IPS and proper network design can help minimize the impact when something does take place.
Dr. Jayne's advice is always valuable for healthcare professionals. Thanks for sharing this informative update.