Description
Hi
Hi
Topic on :
Outline of New Jersey spine center breach
Below is the summary and outline of peach tree orthopedic clinic breach. Refer to it.
And a Final paper minimum of 6 pages and include proper APA format and APA references.
need good quality research on the above topic and include proper content in the paper. No plagarism.
Unformatted Attachment Preview
Purchase answer to see full attachment
Explanation & Answer
Attached.
Running head: NEW JERSEY SPINE CENTER ATTACK
New Jersey Spine Center Attack
Name
Professor
Institution
Course
Date
1
NEW JERSEY SPINE CENTER ATTACK
2
New Jersey Spine Center Attack
On 27th July 2016, a ransom ware was installed in New Jersey Spine Center’s system.
The systems antivirus software only detected the malicious software after it had encrypted the
institution’s files. The malicious software made it impossible for the institution to access its
backup files that it had stored. The data that was encrypted included files belonging to a total of
28,000 patients. Some of the data that was encrypted included social security numbers, name,
credit card numbers and addresses (Arndt, 2017). The software also was spread through all email
attachments that were related to the institution. After the attack, it was impossible for the health
care institution to use the files that contained information related to patients. All the
electronically stored medical records in the institution were rendered unusable and the
organization suffered great loss.
Besides medical records, there was other kind of information that was encrypted through
the attack. For instance, demographic information and the date of birth for patients were also
lost. The malware went to an extreme when it affected the phone systems and backup making
them disabled. This was a major effect to the company’s activities where there was cut off
communication and the backup systems could not assist the institution in retrieving the lost data
(Small, 2016). At this time, the whole New Jersey Spine Center was brought into a standstill as it
was hard to operate without having the historical information on patients and information related
to their conditions. The cryptowall malware had a varied version so that it was hard for security
companies to crack the code and gain access to the encrypted information. The attack left the
institution with only three choices in order to get back information and data that was lost.
NEW JERSEY SPINE CENTER ATTACK
3
The only way through which the facility could access the lost information was through
accepting that it had lost its important data on patients. This would mean that the institution
would be tasked with gathering data from patients once again and making new reports about
their health conditions. The process would be lengthy and there would be mistakes arising from
new diagnoses or inconsistency in information related to patients. The second option would be
recovering the files from the facility’s backup. This has already been made impossible by the
malware as encryption had been made on the data stored in backups. This was not an option for
the company as it was already made impossible (Geen, 2016). The third option was to pay a
ransom to the attackers so that they could provide a decryption key to the institution. This was
the only viable option for the institution as the other options would only make the facility forego
its original data and this was expensive. However, paying a ransom meant that the facility would
get back its data and continue using it when taking care of its patients. The option was expensive
but the center took it as the best option where it bought back its data and information. The
buying was an expensive option for the institution but since there was no better choice, it was left
as the only option that could enable the facility continue with its treatment procedures to patients.
Patient’s information that was contained in the encrypted files was important in making
some decisions by doctors. In addition, the data contained information on the payment details for
patients and their places of residence as well as those who took care of them while they were still
in the health care facility. After paying a ransom, data was regained on 1st August 2017. From
the security team, the malware had utilized the passwords and automated programs that were
stolen from the institution which had enabled the hackers to encrypt the information (Hagland,
2016). Clinical information about patients, their procedures, official notes and reports on how
they were progressing through treatment were contained in the encrypted data. The breach that
NEW JERSEY SPINE CENTER ATTACK
4
took place in the facility had brought its activities come to a stop as most of the information
about patients was stored in the computer systems. The facility had reported the attack to the
Department of Health and Human Services Office for Civil rights and stated the number of
patients who were affected.
Through the malware, it was likely that the health care facility could not perform
procedures on patients as there was no evidence of what was supposed to be done. It was also
hard for the nurses to assist the doctors as they did not have all the information related to
different patients. In this case, patients were made to suffer as some services could not be offered
without the information and data on these patients (Jayanthi, 2016). In addition, the malware
affected the operations of every member in the healthcare organization could not perform their
duties as everything was being controlled through the computer systems. The breach al...