I was reading a Forbes article on how Kern Medical Center’s IT systems stopped working due to a malware infestation this past July when I burst out laughing. The story has absolutely nothing to do with data encryption software, but I thought I’d share it, both for the humorous incident and the insight.
MSFT’s .lnk File Security Threat
Not too long ago, Microsoft had announced that malware was spreading by exploiting the lnk files (shortcut files) in MSFT’s operating systems. Kern Medical Center found out that it had been affected, finding 13 types of malware infecting their computers. Prior to the IT department finding this out:
The first thing that happened was people called us saying their printers were printing long jobs gibberish until it would run out of paper. When we asked what they were doing about it, they told us they were adding more paper to the printers. That was the first indication we had a problem [forbes.com, my emphasis]
Problems is more like it, and I’m not referring just to the malware infestation. Sadly enough, I’m reminded of an incident from my college years, in the engineering computer lab, where some of my fellow students were doing the same thing, not in response to malware, but because some guy had printed his computer code in 72-point size font and then split when he couldn’t figure out how to add paper to the tray. In turn, they added the paper because they couldn’t proceed with their own print jobs until this guy’s was finished. (I think of this incident whenever I’m feeling particularly stupid and want to feel better.)
Jokes aside, the Forbes article has several insights that any company–medical or otherwise–could use:
Have a diverse computing environment: MSFT, Linux, Mac, whatever. This way, malware written for one environment won’t bring down everything.
Engage in “protection through depth” or, as I usually refer to it, layered protection.
For example, if your only data protection at your company is antivirus software–and we’ll say for now that it protects 100% against all viruses and other malware–you’re still risking a data security incident due to theft or loss (where encryption software would be much more appropriate), or because the wrong file was e-mailed to the wrong person (where DLP, data loss prevention, programs are necessary), or because a file was saved to the wrong server and made public to the world via Google’s indexing program, i.e., the internet.
Some Guy Slips A Ransom Note to CEO
It was also mentioned that at some hospital, not Kern,
someone broke into the system, then walked down the hallway and slipped a note under the CEO’s door. He said, “Here’s my Cayman Island bank account and put money in or I’ll release your records.” At another hospital, the FBI had a video the hacker had made of himself and in 4 minutes and 26 seconds he broke into the hospital. He put it on YouTube afterward. The potential lawsuits that come from the release of patient information are huge.[forbes.com]
Damn. It sounds like someone literally broke into a company’s data center/room in the first incident (definitely in the second). Under the circumstances, there would have been nothing to prevent these people from stealing servers with data outright. If that happens, a solution like AlertBoot disk encryption software would ensure data security. Crashing through doors and windows is easy; guessing a properly conceived password not so much. And guessing the encryption key, even less.