Friday’s cyberattack is a shot-over-bow for healthcare (updated)

Friday’s multiple distributed denial-of-service (DDoS) attacks on Dyn, the domain name system provider for hundreds of major websites, also hit close to home. Both Athenahealth and Allscripts went down briefly during the attack period. Athenahealth reported that only their patient-facing website was affected, not their EHRs, according to Modern Healthcare. However, a security expert from CynergisTek, CEO Mac McMillan, said that Athenahealth EHRs were affected, albeit only a few–all small hospitals.

A researcher/spokesman from Dyn had, hours before the attack, presented a talk on DDoS attacks at a meeting of the North American Network Operators Group (NANOG).

The culprit is a bit of malware called Mirai that targets IoT–Internet of Things–devices. It also took down the (Brian) KrebsOnSecurity.com blog, which had been working with Dyn on information around DDoS attacks and some of those promoting ‘cures’. According to Krebs, the malware first looks through millions of poorly secured internet-connected devices (those innocent-looking DVRs, smart home devices and even security devices that look out on your front door) and servers, then conscripts a huge number of them into botnets that send tsunamis of traffic to the target to crash it. According to the Krebs website, it’s also entwined with extortion–read, ransomware demands.

Here we have another warning for healthcare, if ransomware wasn’t enough. According to MH, “even for those hospitals with so-called ‘legacy’ EHRs that run on the hospital’s own computers, an average of about 30 percent of their information technology infrastructure is hosted by an outside company and provided over the internet.” All too many of these hospital monitors run on outdated software with little to no protection from hackers. [The happy hackfest instigated in-house by Essentia Health in 2014 proves the point; from last year, here is the warning that all these outdated devices are Typhoid Marys spreading infection through hospital networks.] St Jude Medical has of late had to answer charges that its pacemakers and other cardiac devices are vulnerable to hacking–which short-sellers have used to drive down its stock pending its acquisition by Abbott Laboratories. Modern Healthcare

The answer? Everywhere. The universal conclusion is that this particular Mirai malware-caused DDoS is but a test for the next waves, and next malware, to come. ZDNet

Updated: 5 takeaways on why this matters from TechRepublic, including the ‘layered’ nature of the Dyn attack, which went from the US East Coast to worldwide over a matter of hours, and the urgent need to patch, update or toss IoT devices. And if you want a glimpse into the Hacker Life and their ethics (which justify hacks against Daesh, better known as ISIS, the KKK, Fox News, CNN, both political parties, and the US military, ahem), read an interview published by TR with S1ege of the group Ghost Squad Hackers. (Take the latter with a box of salt!)
