- June 11, 2020
Cyber Attacks on Hospitals and Law Enforcement
In recent years, cyber-attacks have been very common in the United States. They have been observed more in hospitals and law enforcement bodies. This paper looks into the issue by studying these cases to help control it. A team is hired by the Federal Bureau of Investigation to assess several cases of cyber-attacks that have been reported in various hospitals, from the MedStar health facility in Washington to Hollywood Presbyterian Medical Center, in the weeks before. There was also Methodist Hospital, which even declared a state of emergency after it was attacked. It is, therefore, apparent that cyber crimes have become worrying. After a thorough assessment, the team is then required to provide recommendations on how to test similar computer systems in other law enforcement agencies and hospitals. This exercise will involve analyzing case materials to identify the types of threats and attacks that were performed. It will also expose the vulnerabilities to cyber crimes in the hospitals and law enforcement agencies in question. The tools, techniques and procedures (TTPs) used by hackers will be uncovered and used to assist in future preparation and protection. A Security Assessment Report (SAR) and an Assessment Action Report (AAR) will be prepared to outline all the findings and recommendations (James Scott, 2016).
Cybercrime is rising faster than was anticipated. The convenience, speed and, above all, the anonymity of the internet are helping that. Criminals are exploiting these to commit a broad range of criminal undertakings that have posed real threats to individuals and institutions all over the world. There are two major types of internet crimes: cyber-enabled crimes and advanced cyber crimes, or rather high-tech crime. The first case involves sophisticated internet attacks on computer software and hardware. On the other hand, the latter represents various traditional offenses such as terrorism or crimes against children, which existed before but have taken a turn of sophistication with technological innovation, particularly the internet.
These days, cyber crimes are rarely committed by individuals or small groups as in the past. Sophisticated criminal organizations with members from all over the globe have developed, and the internet is their fastest way to facilitate their activities and maximize their profits. Most of them have excellent hacking skills that have kept them undetected for a long time. They have found ways to disguise themselves through other online advertisements and opportunities. Fraud, theft, sale of fake medicines and illegal gambling are some of the crimes that they commit (Interpol, 2016).
Some of the bodies committed to the international fight against cybercrime include the Federal Bureau of Investigation and Interpol. They investigate these crimes on a cooperative level and provide local enforcement with cyber intelligence by combining inputs on a global scale.
Security Analysis Report (SAR)
An alert warning has been issued by the Internet Crime Complaint Centre (IC3) to public officials and law enforcement personnel concerning increased internet-related crimes. They are at significant risk of being victims of acts such as:
Doxing: a trend that has been observed where a person obtains and publishes someone else's personal information without their consent. Such officials, their employees, together with their families, are targeted. Other individuals within law enforcement agencies or hospitals, such as patients or those in custody, may also be exposed to cyber threats. A good example is Freddie Gray, a black man who died in police custody in Baltimore. The incident caused demonstrations. Police reports say that it was due to unknown hacker groups that accessed open source information and other information that was publicly available. According to security analysts, the hackers possessed sophisticated cyber-attack skills.
In December 2014, in protest of a decision by a grand jury not to charge white police officers with the deaths of black suspects in Missouri, Ferguson and New York City, Anonymous attacked the Oakland police in Calif. Another incident occurred in 2011 when the criminal group hacked 70 computer networks belonging to a local police department. They disclosed information concerning an ongoing investigation including emails, credit card numbers and informant tips.
Swatting: This is another attack strategy. It involves reporting to law enforcement authorities a hostage situation or any other critical situation at the victim's residence when there is actually no such emergency.
Social engineering: It is a technique where targets are deceived into giving their personal, confidential or sensitive information through phone calls. Such information could then be used to commit cybercrimes.
Tools, techniques and procedures (TTPs)
The MedStar attack had the hackers infiltrate the hospital systems with a virus, and that crippled its entire IT infrastructure. MedStar operates ten hospitals around the DC/Baltimore region, all of which were forced to shut down and to revert to paper records due to the attack. It was speculated that the criminals wanted ransom in exchange for retracting the virus.
The case of Hollywood Presbyterian Medical Center in California had the perpetrators hack into the facility's electronic health records system. The hospital paid about $17,000 and 40 bitcoins, which are not traceable, after being slapped with ransomware, to recover access to the network. A week later, two more hospitals in California were hit with ransomware attacks of the same nature (Mukherjee, 2016).
Cyber-attacks in the financial sector
The financial sector has also grown a lot with the internet revolution. Internet-based commerce systems are being applied and thus have been a target of cyber crimes. Hackers' intentions are:
“Third Party Payment Processor Breaches”
“Securities and Market Trading Exploitation”
“ATM Skimming and Point of Sale Scheme”
“Mobile Banking Exploitation”
“Supply Chain Infiltration”
“Telecommunication Network Disruption”
“Financial Estimates of Damages”
These malicious cyber incidents affect financial institutions' management and mostly their customers. They pose inconveniences and are costly to recover from (Testimony Threats to the financial sector, 2011).
Assessment Action Report (AAR)
Eliminating exposure to cyber crimes completely would be tough. However, there are various ways to reduce the risk of being hacked. Moreover, according to the FBI, such attacks can be aggravated by opening infected emails, i.e. those that have malicious links or attachments, or by scanning networks.
Steps to reduce the risks of cyber attacks
Firstly, it is wise to limit personal information and postings on social media sites, as well as to be extra cautious when posting comments. Using all privacy settings together with routine software updating to correct security flaws is highly recommended. One should avoid posting media content revealing an affiliation with law enforcement. Also, officials and officers ought to be aware of their online presence. For instance, they should not post photos of themselves in uniforms showing name tags, nor should they list their department on social media, as it would increase their risk of being targeted.
The FBI recommends carrying out routine online name searches to determine information that is available to the public. Two-factor security is also supported for email. In addition to using a password with 15 characters and over, one should change it regularly. The Bureau also recommends close monitoring of credit card and banking activity to check for fraudulent activity.
Ransom threats in American hospitals have been random and frequent. Hospitals have to pay up because they risk losing a lot if they do not. Delayed surgeries, frozen files and patients being sent across town to other hospitals are just a few of the consequences. Patients could die (Allen, 2016). However, there are steps that hospitals or health systems can take to strengthen their defenses against hackers and to stop ransomware attacks. Having identified the tools and techniques applied by hackers to perpetrate an attack, the following steps should help to reduce vulnerabilities (Siwicki, 2016):
Backing up their data
Keeping a “gold image” of systems and configurations
Developing a plan for when they are attacked
Working with well-equipped cyber security vendors
Crafting test plans
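As an added illustration of the "gold image" step in the list above (example code written for this page, not taken from the cited sources), the following Python records a SHA-256 manifest of a known-good configuration tree and later reports every file that was modified, removed or added. The function names `build_manifest`, `compare_to_gold` and `demo`, and the sample files, are constructed for the example.

```python
import hashlib
import os
import tempfile


def build_manifest(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = digest
    return manifest


def compare_to_gold(gold, current):
    """Report drift from the gold manifest: modified, missing and added files."""
    return {
        "modified": sorted(p for p in gold if p in current and gold[p] != current[p]),
        "missing": sorted(p for p in gold if p not in current),
        "added": sorted(p for p in current if p not in gold),
    }


def demo():
    """Constructed sample: a tiny config tree that drifts after the gold manifest is taken."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "etc"))
        samples = {"etc/app.conf": b"tls=on\n", "etc/users.conf": b"admin\n"}
        for rel, data in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        gold = build_manifest(root)  # taken while the system is known-good

        # Simulated drift: one file changed, one replaced by an unknown file.
        with open(os.path.join(root, "etc/app.conf"), "wb") as fh:
            fh.write(b"tls=off\n")
        os.remove(os.path.join(root, "etc/users.conf"))
        with open(os.path.join(root, "etc/users.conf.locked"), "wb") as fh:
            fh.write(b"\x00" * 16)

        return compare_to_gold(gold, build_manifest(root))


if __name__ == "__main__":
    print(demo())
```

The manifest is only trustworthy if it is stored with the offline backups, where software running on the monitored host cannot rewrite it.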
Some of the challenges that may be experienced when investigating a cyber crime include:
Identity theft – where a person unlawfully gathers another's personal information then uses it to perpetrate a crime such as theft or fraud. To stop these crime groups, the team must prioritize this fact.
Going dark – Law enforcement agencies have legal authority to access information according to court orders. However, they are sometimes unable to do this because they lack the technical ability, owing to a shift in communication services and technologies. It hinders access to vital information that could help identify victims and save them. It also hides evidence that may help convict the real perpetrators or even exonerate innocent suspects.
These are methods that may be used to gather information and then to use it to penetrate a system. When conducting a vulnerability test in a given system, these techniques should be applied. If these activities go undetected, then the system in question is under a significant threat of cyber crime.
As much as criminals commit most cyber crimes from outside, it is also possible for an attack to be an inside job. An employee in a health facility or an official or officer in a law enforcement agency may provide information from the inside. This scenario is usually motivated by greed or dissatisfaction, where the inside person in question colludes with criminals to demand ransom.
Providing a web portal to use for logging into websites helps a great deal. It provides better security since only individuals with correct details can access web information. However, some powerful hacking software such as "Network Mapper" (Nmap), Nessus Remote Security Scan and Wireshark can crack usernames and passwords to such portals. Other scanners that could exploit the vulnerability of a website include John the Ripper (jtr), Nikto, Superscan, p0f, Yersinia, hping, among others (Top 15 hacking software, 2012). Possible countermeasures to this include:
Protecting usernames and passwords by ensuring they are in the hands of the right individuals.
Changing passwords from time to time, in case they land in the wrong hands.
To sum up the issues mentioned above, cyber crimes have been on a worrying rise in the recent past in the United States. Some of the sectors that have been hugely affected by these attacks are the law enforcement bodies and hospitals. The financial sector has also suffered these attacks. The paper analyzes some of the cases of hacking that have been reported, their types, and the tools and techniques used. Methods to check for vulnerabilities in systems as well as possible countermeasures are also discussed. All this is to reduce or attempt to eliminate cases of cyber-attacks and to create a fearless internet world.
Allen, A. (2016, July 18). Cyber ransom attacks panic hospitals, alarm Congress. Retrieved from Politico: http://www.politico.com/story/2016/07/cyber-ransom-attacks-panic-hospitals-congress-225791
INTERPOL. (2016). Retrieved from Cybercrime: https://www.interpol.int/Crime-areas/Cybercrime/Cybercrime
James Scott, P. E. (2016). Hacking Healthcare IT in 2016, Lessons the Healthcare Industry can learn from the OPM Breach. Institute for Critical Infrastructure Technology.
Mukherjee. (2016, March 29). Hackers Have Crippled Another Major Hospital Chain With a Cyberattack. Retrieved from Fortune: http://fortune.com/2016/03/29/hackers-medstar-cyber-attack/
Siwicki, B. (2016, April 6). Tips for protecting hospitals from ransomware as cyber attacks surge. Retrieved from Healthcare IT News: http://www.healthcareitnews.com/news/tips-protecting-hospitals-ransomware-cyber-attacks-surge
(2011). Testimony Threats to the financial sector. Washington, DC: The FBI.
Top 15 hacking software. (2012, January 16). Retrieved from https://skdhackers.wordpress.com/category/hacking/