Cybersecurity and the Medical Field

The medical field has been targeted over the last few years for attacks. The focus has and continues to be the data being held. These attacks may take any of the many different forms of attack, dependent on the target’s equipment, configurations, and other factors. The data targeted by the attackers has value to them and for resale. A recent case directly involved this. UCSF experienced a successful attack on June 1, 2020 with their School of Medicine’s IT environment. While the method was not published, the data involved was. The attacker may have had access to the current and former employee’s names, social security number, government ID numbers, medical information, health insurance ID numbers, and possibly financial information.

After the attack was discovered, UCSF did contract with a cybersecurity consultant, and others to investigate the breach. The IT system was also analyzed for areas to harden, to minimize the opportunity for this to happen again.

The successful method used for the breach was not available. This could have been a simple phishing attack, or a more complex, multi-step attack on their system. This attack however does emphasize the need for a complete, defense in depth. This involves staff training, patch management, and updates.

About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.