Sunday, March 1, 2015

Despite our Warnings - Wake Health

Despite our previous warnings we are now seeing indications that Wake Health is being specifically targeted by external actors. While we have talked to them on at least one occasion by phone and several post have been made to the blog they have continued to ignore the information we have sent to them.

Today we started seeing information indicating that they are specifically being targeted. These are the same types of indicators that we noted from Anthem months before they acknowledged that they were breached. It is our belief that Wake Health will be the next entity to see similar issues.

What starts out as probes end up with infiltration and we can tell you from previous visits that Wake Health is not protecting PHI concerning patients. They have taken the same route as some other entities in ignoring our warnings and are not a client so we are helpless to help them.

Specifically we are seeing that compromised servers in Switzerland and in Russia are being used to target their employees. It will only take one slip up and they will suffer the same fate as Anthem and some of the educational institutions we have been alerting on.

Again Wake you should seriously hire us to secure your network. I am pretty sure it's probably already too late but you can't say we didn't warn you numerous times to this type of activity.

Here is what is known to date:
1. Wake Health has been leaking PHI for well over a year. The information was more than likely being used to collect information such as usernames (which we have observed as well).
2. Domains and existing malicious actors are utilizing previously compromised host to send email to Wake's employees to infect their infrastructure with targeted malware (cannot confirm but this is the same pattern we have previously observed).
3. Patient information and PHI is currently being shopped in underground markets so this is an indicator that they may have already been compromised yet they have not acknowledged (and they ignored our previous warnings).

We will update if we see any information but will only talk to Wake Health directly concerning this matter and only if under contract.

No comments:

Post a Comment