Incident Handling and Response


Faruvgun

Computer Science

Description

Hi

Topic on:

Outline of New Jersey spine center breach

Below is the summary and outline of peach tree orthopedic clinic breach. Refer to it.

And a Final paper minimum of 6 pages and include proper APA format and APA references.

Need good-quality research on the above topic and include proper content in the paper. No plagiarism.

Unformatted Attachment Preview

Running head: NEW JERSEY SPINE CENTER BREACH SUMMARY

New Jersey Spine Center Breach Summary

Table of contents
Summary of New Jersey spine center breach
Additional references summary
References

Summary of New Jersey spine center breach

The notification from the New Jersey Spine Center, sent to patients on September 22, describes a real disaster where not only essential patient files and credit card information were locked up, but their most recent backup was too. No wonder they paid the ransom.

On July 27, 2016, the computer systems were attacked by a malware ransom virus called “CryptoWall.” The malware was detected by our virus protection software but unfortunately not until after our electronic patient records were encrypted. The virus encrypted, thereby rendering unusable, all of our electronic medical record files that contained all of the clinical information on our patients such as procedures, office notes, reports, etc. In addition to the medical information, the records contained demographic information such as date of birth, address, and in some cases SSN, credit card and account information. The virus also encrypted our most recent system backup and even disabled our phone system.

The individuals demanded that we pay a monetary ransom in order to receive an encryption key to unlock the files. Seeing no other option, we elected to pay the ransom to gain access to the records (HIPAA, 2016). The FBI and local authorities were notified of the incident. Unfortunately, these individuals often operate outside of the United States, making detection, identification and prosecution nearly impossible. The virus likely utilized a list of stolen passwords and ran an automated program that attempted access until a correct match was found (HIPAA, 2016).
The image below is a screenshot of the breach posted in the journal.

References

Arndt, R. Z. (2017). Emory healthcare cyberattack affects 80,000 patients records. Retrieved from http://www.modernhealthcare.com/article/20170302/NEWS/170309983/emoryhealthcare-cyberattack-affects-80000-patient-records

Small, L. (2016). Security breach exposes info of blue shield of California members. Retrieved from http://www.fiercehealthcare.com/payer/security-breach-exposes-info-blueshield-california-members

Geen, M. (2016). Kern County mental health department reports potential PHI breach. Retrieved from http://www.beckershospitalreview.com/healthcare-information-technology/kerncounty-mental-health-department-reports-potential-phi-breach.html

Hagland, M. (2016). MedStar health hacked, EHR down, FBI investigating. Retrieved from http://www.healthcare-informatics.com/article/breaking-news-medstar-health-hackedehr-down-fbi-investigating

HIPAA journal. (2016). New Jersey spine center pays ransom to unlock EHRs. Retrieved from http://www.hipaajournal.com/new-jersey-spine-center-pays-ransom-to-unlock-ehrs-3612/

Jayanthi, A. (2016). Breach affects 12,000 people at NM treatment center. Retrieved from http://www.beckershospitalreview.com/healthcare-information-technology/breachaffects-12-000-people-at-nm-treatment-center.html

Journal news. (2017). More than 7K patients notified of information breach. Retrieved from http://www.journal-news.net/news/local-news/2017/02/more-than-7k-patients-notifiedof-information-breach/

Xtelligent media. (2016). Over 19K patients notified in potential EHR data breach. Retrieved from http://healthitsecurity.com/news/over-19k-patients-notified-in-potential-ehrdata-breach

Running head: NEW JERSEY SPINE CENTER BREACH OUTLINE

Outline of New Jersey spine center breach

What happened?
On July 27, 2016, the computer systems of New Jersey spine center were attacked by a malware ransom virus called “CryptoWall.” A recent New Jersey Spine Center ransomware attack resulted in electronic patient health records being locked with powerful encryption.

The attack involved the ransomware variant Cryptowall, which has been used in numerous attacks over the past few months. Unfortunately, while decryptors have been published for a number of ransomware variants, the latest version of Cryptowall has resisted security companies’ efforts to crack it. Infection with this ransomware variant leaves organizations with three choices: accept data loss, recover the files from a backup, or pay the ransom demand to obtain the key to decrypt the data.

The impact of what happened?

Encrypted patient files contained names, personal information, Social Security numbers, details of procedures performed, clinical information, credit card numbers, and account information. Office notes, reports, and other important files were also locked. Access to the files was regained on August 1 after the ransom was paid. The virus likely utilized a list of stolen passwords and ran an automated program that attempted access until a correct match was found.

The medical records contained patients' clinical information, including procedures, office notes and reports, as well as demographic information, including birth dates, addresses, some Social Security numbers, credit card information and account information were stolen. The New Jersey Spine Center has reported it has suffered a ransomware attack that resulted not only in the electronic health records of patients being encrypted, but also its backup files. The infection also disabled the spine center’s phone system. According to the breach report submitted to the Department of Health and Human Services’ Office for Civil Rights, 28,000 patients were impacted by the breach.

Why it happened?
The ransomware was installed on July 27, 2016, and while the organization’s antivirus software did detect the malicious software, it was only after files had been encrypted. Without access to the latest backup files, New Jersey Spine Center was given little alternative but to pay the attacker’s ransom demand. New Jersey Spine Center has not disclosed how much was paid to the attackers. After payment of the ransom the attackers supplied a functional key to decrypt the locked files. Access to EHRs was regained on August 1.

New Jersey Spine Center does not believe the attackers viewed or stole any data in the attack. However, since it was not possible to rule out data access, affected patients have been offered a year of complimentary credit monitoring and identity theft protection services.

The likelihood of it happening again?

All individuals affected by the incident have been offered identity theft protection services for 12 months without charge, although in attacks such as this, data are usually blindly encrypted rather than being stolen. The identity theft protection services were provided “out of an abundance of caution.” Ransomware attacks are reportable to the Department of Health and Human Services’ Office for Civil Rights under HIPAA Rules.

What must be done to prevent it from happening again?

Keep systems up-to-date: Vulnerabilities in applications, operating systems, plug-ins and systems can allow cybercriminals to successfully infiltrate corporate defenses.

Ensure there are good and recent backups: An effective way to recover from a ransomware attack, as well as from other types of malware infections, is to restore the infected endpoint(s) from a known, good backup taken as close as possible to the point before the infection occurred.
Deploy anti-phishing and anti-ransomware solutions: There are very good solutions that can be deployed on-premises or in the cloud that can detect phishing and spear phishing attempts, ransomware, data exfiltration and a variety of other threats.

References

Jayanthi, A. (2016). New Jersey spine center pays ransom to cyberattackers after ‘seeing no other option’. Retrieved from http://www.beckershospitalreview.com/healthcare-information-technology/new-jerseyspine-center-pays-ransom-to-cyberattackers-after-seeing-no-other-option.html

Explanation & Answer

Attached.

Running head: NEW JERSEY SPINE CENTER ATTACK

New Jersey Spine Center Attack

On 27th July 2016, ransomware was installed in New Jersey Spine Center’s system.
The system’s antivirus software only detected the malicious software after it had encrypted the
institution’s files. The malicious software made it impossible for the institution to access its
backup files that it had stored. The data that was encrypted included files belonging to a total of
28,000 patients. Some of the data that was encrypted included social security numbers, name,
credit card numbers and addresses (Arndt, 2017). The software also was spread through all email
attachments that were related to the institution. After the attack, it was impossible for the health
care institution to use the files that contained information related to patients. All the
electronically stored medical records in the institution were rendered unusable and the
organization suffered great loss.
Besides medical records, there were other kinds of information that were encrypted through
the attack. For instance, demographic information and the date of birth for patients were also
lost. The malware went to an extreme when it affected the phone systems and backup making
them disabled. This was a major effect to the company’s activities where there was cut off
communication and the backup systems could not assist the institution in retrieving the lost data
(Small, 2016). At this time, the whole New Jersey Spine Center was brought to a standstill as it
was hard to operate without having the historical information on patients and information related
to their conditions. The Cryptowall malware had a varied version so that it was hard for security
companies to crack the code and gain access to the encrypted information. The attack left the
institution with only three choices in order to get back information and data that was lost.
The only way through which the facility could access the lost information was through
accepting that it had lost its important data on patients. This would mean that the institution
would be tasked with gathering data from patients once again and making new reports about
their health conditions. The process would be lengthy and there would be mistakes arising from
new diagnoses or inconsistency in information related to patients. The second option would be
recovering the files from the facility’s backup. This has already been made impossible by the
malware as encryption had been made on the data stored in backups. This was not an option for
the company as it was already made impossible (Geen, 2016). The third option was to pay a
ransom to the attackers so that they could provide a decryption key to the institution. This was
the only viable option for the institution as the other options would only make the facility forego
its original data and this was expensive. However, paying a ransom meant that the facility would
get back its data and continue using it when taking care of its patients. The option was expensive
but the center took it as the best option where it bought back its data and information. The
buying was an expensive option for the institution but since there was no better choice, it was left
as the only option that could enable the facility to continue with its treatment procedures to patients.
Patients’ information that was contained in the encrypted files was important in making
some decisions by doctors. In addition, the data contained information on the payment details for
patients and their places of residence as well as those who took care of them while they were still
in the health care facility. After paying a ransom, data was regained on 1st August 2017. From
the security team, the malware had utilized the passwords and automated programs that were
stolen from the institution which had enabled the hackers to encrypt the information (Hagland,
2016). Clinical information about patients, their procedures, official notes and reports on how
they were progressing through treatment were contained in the encrypted data. The breach that
took place in the facility had brought its activities to a stop as most of the information
about patients was stored in the computer systems. The facility had reported the attack to the
Department of Health and Human Services Office for Civil Rights and stated the number of
patients who were affected.
Through the malware, it was likely that the health care facility could not perform
procedures on patients as there was no evidence of what was supposed to be done. It was also
hard for the nurses to assist the doctors as they did not have all the information related to
different patients. In this case, patients were made to suffer as some services could not be offered
without the information and data on these patients (Jayanthi, 2016). In addition, the malware
affected the operations of every member in the healthcare organization, who could not perform their
duties as everything was being controlled through the computer systems. The breach al...

