Tenet Health confirms 'cybersecurity incident' that impacted hospitals

My niece is a nurse at one of the affected hospitals. Says they were using pen and paper for 6 days. Hospital administrators are very hush-hush about what’s going on.

Just wondering how does a person get into Cyber Security as a career field?

What training / certifications do IT folks need to have to prevent this type of hack?

Lots of IT professionals on here, maybe they can chime in.

.
 
I used to contract for Tenet a lifetime ago. They have very strong security and controls. I haven't talked to any of my contacts there currently, and I'd bet they are tight lipped.

Tenet manages a TON of hospitals, they are an organization that comes in to optimize revenue, then sells the hospital.
 
Unlikely for large organizations like these. More likely the equipment they use is not on the latest patch or a new security problem was found, etc.

I'm starting to think for security reasons, the future would be terminals with only 1 function each, as dumb as possible, with a dedicated connection to dedicated servers, no more "sharing" between devices or anything like that.


My guess...

Some idiot clicked on a link they got in email, which encrypted a network share that was mapped on the computer where they clicked it, and they have no backups.
 
Unlikely for large organizations like these. More likely the equipment they use is not on the latest patch or a new security problem was found, etc.

That shouldn't take 6 days to recover from. Generally, if it takes that long to recover, you're rebuilding systems you don't have a backup of.
 
What do college students need to focus on to get into the Cyber Security industry?
Cisco Security Certs?

I’ve seen hospital Dell computers at the nurses station look like a hockey puck, no DVD player and no USB ports.
Too many employees using tainted USBs with music to cause problems in the past.
 
That shouldn't take 6 days to recover from. Generally, if it takes that long to recover, you're rebuilding systems you don't have a backup of.
I know a couple companies that got hit and hit hard by cyber attacks. Took them a lot longer than 6 days to recover. One company that we work with took months to recover and I'm still not sure they are fully back.
 
I know a couple companies that got hit and hit hard by cyber attacks. Took them a lot longer than 6 days to recover. One company that we work with took months to recover and I'm still not sure they are fully back.

My record is 4 hours from the time said idiot clicked on the link till I had the entire drive restored from backup. Would've been faster, but tape libraries only work so fast.

Adding rules to the firewall to block all of Asia Pacific and Russia netblocks from the email server dramatically cut down on the spam and phishing attempts, as well as the portscans.

I strongly suggest that anyone whose business does not involve those regions of the world block them from their network.
 
My guess...

Some idiot clicked on a link they got in email, which encrypted a network share that was mapped on the computer where they clicked it, and they have no backups.
Of course no one at a hospital is understaffed or overworked or rushing because someone's life is on the line. Problem with approaches like these is people are less likely to say 'anything' if they do something they might deem a mistake; can you use "idiot" a few more times? JMO. Could be a simple mistake by a user or a very complicated attack. I'm interested in the attack vector.
 
Of course no one at a hospital is understaffed or overworked or rushing because someone's life is on the line. Problem with approaches like these is people are less likely to say 'anything' if they do something they might deem a mistake; can you use "idiot" a few more times? JMO. Could be a simple mistake by a user or a very complicated attack. I'm interested in the attack vector.

A very complicated attack isn't always needed because users can often be tricked into doing things they shouldn't.

You'll probably never find out what really happened, things like that are kept confidential.

EDIT: And why would someone who is dealing with someone's life on the line be doing anything with email and clicking on a link??
 
EDIT: And why would someone who is dealing with someone's life on the line be doing anything with email and clicking on a link??
Because notification of shipment of critical life saving supplies may come via email? Use your imagination. Fedex tracking etc.

Training to avoid these scenarios must be ongoing and in the spirit of continuous improvement.
 
Not to change the subject….

My employer sends out phishing ’test’ emails to see if you click on them. I have to admit I’ve clicked on a few of them.
 
My niece is a nurse at one of the affected hospitals. Says they were using pen and paper for 6 days. Hospital administrators are very hush-hush about what’s going on.

Just wondering how does a person get into Cyber Security as a career field?

What training / certifications do IT folks need to have to prevent this type of hack?

Lots of IT professionals on here, maybe they can chime in.

.
Two very useful and sought-after certifications are CompTIA Security+ and CISSP. CISSP is the more difficult and desirable cert. I've personally seen a young IT help desk tech jump from 60K per year to 120K by obtaining a CISSP.
 
Two very useful and sought-after certifications are CompTIA Security+ and CISSP. CISSP is the more difficult and desirable cert. I've personally seen a young IT help desk tech jump from 60K per year to 120K by obtaining a CISSP.

Nice 👍
 
EDIT: And why would someone who is dealing with someone's life on the line be doing anything with email and clicking on a link??


I worked in hospitals for many years. There are thousands of employees and all kinds of emails regarding everything from patient care to system announcements, new policies, meetings and so forth. The hospital I worked at did not allow outside emails.

I have heard that some of these phishing emails do not require you to click on a link. Just opening the email does the trick. So it is confusing as to what to open and what not to open.

Hospital systems are interconnected as well within the system which might include many hospitals as well as clinics, nursing homes and so forth. Connections between departments are essential. A department like pharmacy for example will need access to the lab system for a patient’s lab results.

It is a very complicated system.
 
I have heard that some of these phishing emails do not require you to click on a link. Just opening the email does the trick.

That would be a problem with the email client being used, ultimately the responsibility of the IT department to patch it or replace it with something that doesn't do that.
 
Not to change the subject….

My employer sends out phishing ’test’ emails to see if you click on them. I have to admit I’ve clicked on a few of them.
As does mine; not always obvious. I've failed once being a new employee, reported the other 10 or so tests successfully.
 