Ransomware attack hits MedStar Health, network offline

  MedStar Health, the largest healthcare provider in Maryland and Washington, D.C., was forced to         disable their network on Monday after an alleged Ransomware attack infected several systems.           MedStar operates 10 hospitals and more than 200 outpatient offices. FBI is looking into the incident.
  • An employee stated that the pop-up appeared on the computer warning of infection and demanded a ransom in some kind of internet currency.
  • MedStar staff report that they're having trouble accessing patient records. Communication between staff is either face-to-face or via phone.
  • In addition to delays in record searches, it's also possible that appointments and surgeries will have to be delayed too, as will lab results.
  • There is no evidence that information has been compromised. The organization has moved to back-up systems and paper transactions where necessary.
Why a Culture Change is needed for Healthcare Data Security ?

Although HIPAA regulations were meant to improve healthcare security, many challenges still remain. For example, audits reveal lax security; information breaches are increasing and identity theft along with fraud are prevalent. In response to these identified problems, the real solution requires a security culture to be in place with a holistic back-to-basics safety approach of the entire data life cycle. Healthcare needs to change its approach to data security, and those in the industry need to change the way that they think about the data itself and more importantly how that data is protected. Clearly, privacy and security is not yet a dominant culture throughout healthcare and many still struggle with change. Leadership, education, experience, technology awareness and willingness to change are important contributing factors.  What healthcare needs is a culture that respects and values privacy and security of patient information as a part of the care mission. Some questions you can ask to begin with:
  • Does your organization currently have a culture that values privacy and security?
  • What are the two most important factors to creating a culture of privacy and security?
Five questions every CEO should ask about cybersecurity    
It wasn't long ago that businesses still saw cybersecurity as a problem for the IT people to handle. But a wave of aggressive, sophisticated commercial cyberattacks has changed that way of thinking, and CEOs now know it's up to them to ensure their companies are meeting the challenge head-on.  The CEO of a company, can't know in detail about everything that goes on in their organization, however, a good CEO can ensure the right management staff is assigned to protect the data assets of their organization. Behind every good cybersecurity strategy is good information about how the company works. And to get that information, CEOs must ask the right questions:
  • Is your board of directors fully engaged in cybersecurity?
  • When did you and your board review your last risk assessment?
  • What makes you a target for attacks?
  • What data is leaving your company and is it secure?
  • Have I provided my security organization all the tools and resources it needs to help prevent a security breach?


      April 4, 2016

Tournament Players Club Eagle Trace
  1111 Eagle Trace Boulevard
Coral Springs, FL 33071




April 16, 2016

 Stetson  College of Law - Tampa Campus
1700 North Tampa Street, Tampa, Florida 33602


24By7Security, Inc. is a full service Cybersecurity strategy, implementation, operations and training firm. Our leadership consists of Cybersecurity experts with hands-on experience and have served in various capacities such as Chief Information Officer (CIO), Chief Information Security Officer (CISO), Technology Director and active-duty top-security roles. We provide Cybersecurity-related services in the areas of Strategy, Internal Audit Support, Assessments, Remediation and Training. We believe that Cybersecurity needs to be priority ONE across all functions (IT, Finance and Accounting, Operations, HR, Sales and Marketing) of the enterprise, thus avoiding unnecessary risk to businesses and preventing the next generation of threats that could undermine the stability of companies.

24By7Security, Inc. | | (844) 55 CYBER |
See what's happening on our social sites: