I have completed the technical report and lab report. I need someone to develop a narrated presentation for the members of the hospital board as well as the CIO and other managers from these two reports. My technical report will have to provide an analysis of the infrastructure and the threats, based on the incident that first brought the organization’s security issues to my team’s attention.
Technical and lab reports will have to be the basis of a presentation that I will have to provide for the hospital board. The board will make decisions concerning what actions are taken and how much money will be allocated for cybersecurity. Therefore, I will have to create a slide deck that captures the salient points of my research, the results of the lab tests of the password-cracking tools, and the team’s proposals to tighten information security practices. I will have to consider the suggestions in the table below to focus my efforts on this presentation.
(Topics to Address in the Narrated Presentation
Keep the primary goals of your presentation in mind as you build your presentation to the board: be credible, be clear, and provide reasoned solution recommendations.
Present your technical findings succinctly to a non-technical audience. Avoid acronyms or slang; opt for clear language and clear explanations.
Provide a high-level summary of the infrastructure, the vulnerabilities that may have enabled the breach, and recommended actions. Explain what happened, the impact on the organization, and your proposed actions with rationale and costs.
You are limited to 12 slides, excluding the cover and references slides. You will choose your best narrator to narrate the presentation for wider distribution. The format should be professional and free from typos or grammatical errors. This is the board’s impression of your team’s performance!)
I am adding an example (Example) PowerPoint presentation from the other group. I need a similar presentation created from the given technical report and lab report that I am attaching in the files. Due to the lab report being too. It’s not letting me share it on here. I will send it to you through my private email and you can download it later on.
Important information for you. (Your job is to look at the example of the given PowerPoint and create my PowerPoint from the given technical report and lab report.) You don’t have to speak or narrate on the PowerPoint that you will create; write it down below every slide instead. I will do the recording from your created notes.
An Overview of Current
Cyber Challenges in the
JOHN O’CONNOR-JUDY, MARKUS CUTTINO, WILLIAM EDWARDS,
STANLEY ARTHUR, STEPHEN NKRUMAH
Lab Report Results Review
Attack Methods Test Results
Technical Paper Summary
Vulnerabilities and Mitigation
Cain and Abel and Ophcrack password cracking tools used
Ophcrack program was more efficient
Passwords can be made up of four types of character sets
Brute-Force Attack Results
Overview of Epic Healthcare
Founded by Judith Faulkner in 1979
Goal is to better manage external factors
Health Information Technology (HIT) and Electronic Health
Information Technology Utilized
Unified Computing System
Cogito Data Warehouse intelligence system
Benefit of this system
Denial of Service
greatest threat to ePHI
technical and administrative policies being upheld
MedStar Health Inc., a leader in the healthcare industry regionally and nationwide, is a constant target of the malicious attempts of cyber criminals. Over the past 6 years, MedStar Health Inc. has faced several data breaches, most notably the 2016 breach that compromised 370 computer systems and halted its operations. As the organization continues to digitize and broaden the use of electronic medical records across its facilities, the threat of cyber-attack becomes even more pervasive. The purpose of this report is to provide an overview of MedStar Health Inc.'s cybersecurity vulnerabilities, examine the overall causes and impact of the breaches, and explore solutions to meet the organization’s cybersecurity challenges.
With a focal point on MedStar Health breaches, a literature-based study was conducted, and various news articles, academic journals and company publications were analyzed. It was found that the 2016 and 2020 data breaches were attacks on the organization’s internet servers. The 2020 hack compromised the records of 668 patients, whereas the 2016 hack was a result of a ransomware infection that compromised 7500 individuals’ records and halted the organization’s operations. The cost of the virus infection was greater than the $19,000 ransom requested due to additional recovery and remediation costs. It was also revealed that the 2019 breach was due to human error.
To best combat the efforts of cyber criminals, it is recommended that MedStar Health Inc. place greater emphasis on cyber awareness training for employees/professionals and implement multi-factor authentication and a strong password and identity management system to reinforce its IT infrastructure against future hacks. Failure to effectuate these measures poses significant risk to MedStar Health Inc., its affiliates and patients that extends beyond ransom payments, fines, imprisonment, lawsuits and costs incurred for subsequent identity theft protection services. The damage caused by data security breaches may prove fatal for patients, the company’s most valued asset, compromising public perception and the company’s mission to provide the highest quality of medical care and build long-term relationships with the patients they serve.
Actual Technical Report
MedStar Medical Vs. Cybercrime
In the health sector, experts “see persistent cyber-attacks as the single greatest threat to the protection of healthcare data” (Moffith & Steffen, 2017). To the world at large, this is not the most absurd news or revelation. Healthcare data embodies some of the most marketable information, and for the black market this is Eldorado – the fictional tale of the city of gold. Healthcare organizations are tasked with fighting the uphill battle of providing quality medical care to their number one stakeholder – patients – while also ensuring that their valuable information is kept safe and secure. Despite their efforts, healthcare organizations sometimes fail in their attempts to provide adequate security. In 2016, MedStar Health – a not-for-profit healthcare organization – suffered a data breach that left thousands of residents of the Washington, DC, and Maryland area distraught. This paper highlights the concerns faced by MedStar Health and the damage caused by these cyber-attacks. It also analyses various vulnerabilities seen in the healthcare sector and highlights needed comprehensive security perspectives and industry-proven security systems to provide recommendations on how MedStar Health can potentially face these challenges.
MedStar Health’s Bio
MedStar Health offers “the highest quality care for people in Maryland, Virginia, and Washington, D.C.,” solidifying its reputation as a leader in the healthcare industry both regionally and nationally (MedstarHealth, 2021). The organization operates ten hospitals and over twenty health-related businesses, including ambulatory care, urgent care centers, and a research institute across the Washington, DC, and Maryland area. It also currently employs 30,000 associates, 6,000 affiliated physicians and has one of the largest graduate medical programs in the country, where more than 1,100 medical residents are trained annually (MedStar Health, 2021). Also, MedStar Health is the medical education and clinical partner of Georgetown University.
The 2016 Breach
On March 28, 2016, MedStar Health was a victim of a data breach that brought the medical “behemoth” to a standstill (Cox et al., 2016). This attack forced the institution to power down critical infrastructure and processes for several days to slow the virus’s spread. Specifically, the cybercriminals used a ransomware attack to encrypt the organization’s data and infected critical systems. The Washington Post describes this crime as being “financially motivated, [where] the hackers make demands that put their victims in a difficult spot…, [targeting] critical data — such as patient records — then ask for a ransom” in exchange for decrypting the compromised data (Cox et al., 2016).
As a result of this attack, ten hospitals and over twenty medical centers were pushed back to primitive means of operation, slowing down overall productivity and affecting thousands of patients. NBC News reported that thousands of MedStar’s patients with appointments were greeted with the voice message, “Our computer systems are still down, so we need you to bring a list of current medications and a list of allergies” (Williams, 2016). The impact of this ransomware attack was truly daunting, as it denied health care professionals access to information and resources needed to perform their duties; it ultimately hindered the organization’s ability to fulfill its mission of providing quality healthcare to its patients.
The 2019 Accidental Data Leak
On July 22, 2019, MedStar Health’s Privacy Director, Mutanu Mutuvi-Thomas, reported to the Attorney General that their organization experienced an accidental data leak on June 19, 2019, where confidential information was shared. In an email describing the incident, the Privacy Director explained the accident and the course of action taken to remediate the issue. When the mistake was realized, strict instructions were immediately issued to the recipients of the accidental email to securely delete the document from their emails and trash receptacles. To prevent further disclosure of the sensitive information, legal documents were then issued to the recipients to sign confirming the deletion (MedStar Health, 2019). Additionally, the affected residents were “offered one year of complimentary credit monitoring and identity theft protection services through Experian” (MedStar Health, 2019). This was a valiant effort on MedStar Health’s part, in protecting not only their patients, but also the care providers in light of this exposed vulnerability. Although this incident was reported in the 2019 End of Year Data Breach Report by ITRC (Identity Theft Resource Center), there was no additional information available, as it was discreetly handled internally.
The Healthcare and Cybersecurity
Healthcare information is precious, as it encompasses a holistic view of a person’s health, and thus, the health of the wider community. This information is used to determine medical treatment and policies that ultimately influence the standard of living at large. Not too long ago, medical information was stored as physical files and was accessed through manual processes. This of course posed unique challenges regarding data communication, efficiency, accuracy, and security – demonstrating a need for the digitization of health files (Touro College Illinois, 2021).
“Today, healthcare information is widely collected, stored, accessed and transmitted digitally, thanks in part to the Health Information Technology for Economic and Clinical Health (HITECH) Act” (Touro College Illinois, 2021). This act promoted the widespread use of electronic health records (EHR) and health information exchange (HIE) to share and store healthcare information. This shift in handling medical data created, without question, overall improvements to healthcare, as health records are updated in real-time and patients are treated with more efficiency. “As healthcare information …migrated to the digital environment, it [became] highly valuable and therefore vulnerable to cybercriminals on the dark web” (Touro College Illinois, 2021). Healthcare cybersecurity laws were then introduced with guidelines to follow set forth by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to protect patients’ information.
Cyber threats to the healthcare industry continue to be a major problem. Organizations have reported more instances of data breach with the increasing use of EHR. While the scope of the threats remains unknown, the industry has in recent years taken more steps than ever before to close the gap. In this section, the researchers aim to provide an overview of the health sector’s cyber concerns and the various data breaches experienced by MedStar Health.
How Serious is the Cyber Concern?
Between 2009 and 2016, there were 1,798 data breaches reported, of which 1,225 were reported by health care providers. Also, of 257 reported breaches, 216 were at hospitals, and at least 33 of those facilities were involved in multiple cyber incidents (Schmeelk et al., 2021). Between 2010 and 2013, in a dataset of 949 breaches recorded by the Office of Civil Rights (OCR), there were more than 29 million compromised health records (Schmeelk et al., 2021). Figure 1 below highlights the five categories of breaches recorded by OCR between June 2019 and June 2020: “Hacking/I.T. Incident reports totaling 264 breaches, Improper Disposal totaling 12 breaches, Loss totaling 11 breaches, Theft totaling 27 breaches, and Unauthorized Access/Disclosure totaling 102 breaches” (Schmeelk et al., 2021).
Breach Types between June 2019 to June 2020 (Schmeelk et al., 2021).
Moreover, within the same period of June 2019 to June 2020, there were three significant data breaches within the healthcare sector. On July 1, 2019, Optum360 LLC reported a breach affecting 11,500,000 individuals, and days later, on July 15, 2019, Clinical Pathology Laboratories Inc. also reported a breach that affected 1,733,836 individuals. Both breaches were the result of an attack/hack of their IT network servers. Additionally, on February 5, 2020, Health Share of Oregon declared a data breach that affected 654,362 individuals due to a laptop theft (Schmeelk et al., 2021).
The seriousness of these concerns is seen in figure 2, which highlights the number of U.S. residents affected by healthcare data breaches between 2014 and 2019. As reflected, 113.2 million U.S. residents were affected by cyberattacks in 2015. In 2020, surprisingly, only 23.5 million U.S. residents were impacted by cybercriminals’ acts, despite the COVID-19 pandemic (Johnson, 2021). Nevertheless, this is still a substantially large number of individuals affected as a result of data breaches in the healthcare sector.
The number of U.S. residents affected by health data breaches from 2014 to 2019, in millions (Johnson, 2021).
MedStar Health’s Data Breaches
Over the last six years, MedStar Health faced three major data breaches that have heightened concerns surrounding the organization’s cybersecurity posture. The data breach of 2016 left 10 MedStar Health hospitals and 250 outpatient centers in the Washington, DC, and Maryland area at a standstill. Their entire infrastructure was victim to the ransomware attack. According to the Indian Health Services (IHS), 7,500 individuals were affected by this 2016 data breach, and a ransom of USD 19,000 was requested, which was not paid. The 2019 cyber threat came from an internal error that leaked “sensitive personal information of residents to a class of new intern physicians” (MedStar Health, 2019). This case was handled internally, and there are no reports of any further damage caused by this internal threat. Finally, according to OCR, on September 25, 2020, 668 individuals were affected by a network data breach, categorized as an I.T./Hacking incident, at MedStar Health. Unfortunately, there was no additional information posted online concerning this breach, as it is currently listed by OCR as under investigation.
In the age of technological advancements, preparedness is vital when facing the daunting reality of the capabilities embodied by cybercriminals. MedStar, along with many other medical facilities, learned this truth the hard way with the implementation of electronic health records. Craig DeAtley, the organization’s director of emergency management, commented on the need for better preparations in light of the 2016 data breach in an interview. He said, “[w]e were practiced at individual workarounds, but we had never really rehearsed losing everything, much less all at once, … [Y]ou need to exceed your comfort level to prepare for a problem this vast” (Hall, 2016). MedStar Health and healthcare providers need to keep up with modern cybersecurity practices, regular cyber awareness training, and up-to-date system infrastructures to embody this readiness.
In the 2016 cyberattack, several infrastructure resources were rendered useless because of the virus. The ransomware that crippled the hospital’s systems restricted access to essential EHR, leaving thousands of patients without sufficient care. In the realm of cybersecurity, the CIA triad comprises the core principles of information security that assist in the discussion and implementation of measures to turn the tides of this uphill battle. In essence, these principles help with the needed preparedness. The CIA triad’s core principles ensure that data remains confidential, maintains its integrity, and that access to required information is always available. These principles will guide the proposed recommendations for MedStar Health on ways to improve their I.T. systems.
MedStar Health suffered an external attack in 2016, and the damage was substantial. However, this gateway was made possible by human error, and thus cyber harm can be done from within any organization, whether it be malicious or through careless actions. This is referred to as an Insider Threat. Through these thoughtless or malevolent actions, health records are compromised, and in turn, patients suffer. More so, these actions more often than not expose the vulnerabilities in the CIA triad, endangering “confidentiality, integrity, [and] or availability of the organization’s information or information systems” (Mazzarolo & Jurcut, 2019). In the case of MedStar Health, in 2016, employees’ access to their systems was restricted, removing the availability of needed PHI, and the integrity of the data was potentially compromised. Understanding the seriousness of the insider threat can ultimately help protect MedStar Health against these vulnerabilities.
Typically, when a breach is revealed on the news or reported to the OCR, it is usually due to an outsider. However, thoughtless action can prove more lethal. The 2019 data leak at MedStar Health of residents’ confidential information is an example of insider threat, as this was a careless act that exposed PHI. “The hazards that originate from inside [an organization are more] difficult to prevent and detect because insiders pose a serious danger as they are familiar with the organization’s… systems…, and policies, and they have access to confidential information” (Mazzarolo & Jurcut, 2019). Although the 2019 incident was accidental, it doesn’t take away from the potential threats mistakes can cause. This is a lesson that MedStar Health is fully aware of, as seen in their actions to resolve this incident quickly.
At this point, it is understood how valuable medical information is, and not just to healthcare facilities, but also to the cyber black market. In fighting this unavoidable circumstance, healthcare management needs to understand the driving factors behind cybercriminals. There is the common saying that resonates with the benefit of knowing your enemy, and it holds true in these challenging circumstances. The intrusive motives of cyber criminals may be opportunistic for monetary gain, political exposure and change, ideological activism, disruption of services or access, and/or just simply to cause physical harm.
In MedStar Health’s 2016 case, the motive was monetary and to disrupt service and access of their systems. This action, in turn, caused harm to the patients and the care they required. Ablon (2018) describes this type of attacker as a Cybercriminal. “Cybercriminals are motivated by financial gain—they care about making money. They want access to our personal, financial, or health data—in order to monetize them on underground black markets” (Ablon, 2018). The motives behind the breach of 2016 preyed on the vulnerability in patient data confidentiality and electronic records’ availability to MedStar Health staff. Thus, understanding the enemy can prove beneficial in MedStar Health’s pursuit of curbing these vulnerabilities.
Like intrusion motives, the hacker’s psychology is tied to the cybercriminal’s mindset and begs the question of what ultimately motivates them to hack. This goes for both cybercriminals and cybersecurity professionals. The difference is the motivating factor. As briefly mentioned, some hackers will conduct their actions with the sole purpose of making money, while others perform the same steps because of curiosity. In the case of cybersecurity professionals, these actions are done to protect everyday civilians who cannot defend themselves from cyber-attacks. Understanding the hacker’s psychology will help cyber professionals make better decisions regarding keeping EHR confidential, maintaining all records’ integrity, and ensuring that the data remains accessible to the right employees. “[W]hen analyzing threats and attacks, it is important to focus on the psychological aspect of an intruder, their motives and intentions and their way of thinking, planning and performing attacks” (Pleskonjic, 2006). This mindfulness will help cybersecurity professionals in their task of creating sound vulnerability assessments.
More so, understanding the fundamentals of insider threats, intrusion motives, and hacker psychology provides an excellent foundation for guiding the conversation surrounding the CIA triad’s principles. This understanding, alongside sound security systems, will aid MedStar Health in its concerns regarding the confidentiality, integrity, and availability of PHI and ePHI.
Identity Management System
Identity management is an important tool in securing information systems, and if properly applied it would aid in the reinforcement of MedStar Health’s security posture. It is essentially the process by which users’ identities are defined and managed in an enterprise environment and encompasses two vital concepts, “Access” and “User”. “Access refers to actions permitted to be done by a user (… view, create, or  a file), [while users refer to] employees, partners, suppliers, contractors, or customers” (De Groot, 2019). Implementing an Identity Management System provides the ability to segment employees based on their roles. This system will ensure that access is given to the proper personnel at MedStar, and access will be managed when those employees transition roles and/or leave the company. This type of access management and control aids the fight against cyber concerns and can ultimately help reduce the risks of vulnerabilities in MedStar Health’s framework, as it corrects issues surrounding authorization by controlling access based on job description and role.
The Identity Management System is designed to address three critical security tasks: identify, authenticate, and authorize. “Meaning, only the right persons should have access to computers, hardware, software apps, any I.T. resources, or perform specific tasks” (De Groot, 2019). At MedStar Health, as of 2017, OnCore, a clinical management system, was implemented to work in conjunction with PowerTrials, a module within the MedStar electronic medical record (MedStar Health, 2017). OnCore holds records of patients’ progress and, to some degree, billing information, while PowerTrials stores these patients’ medical records. “These two systems both serve a different purpose within [MedStar] but work with each other to serve study and subject information to the appropriate users” (MedStar Health, 2017). With a proper Identity Management System in place, access to these systems will remain secure. The system controls the users’ access (their unique passwords) to each platform, ensuring no unauthorized person gains access to this confidential information.
In considering an Identity Management System for MedStar Health, the following components are needed:
a scalable, secure, and standards-compliant directory service for storing and managing user information; a provisioning framework that can either be linked to the enterprise provisioning system, such as a human resources application, or operated in standalone mode; a directory integration platform that enables the enterprise to connect the identity management directory to legacy or application-specific directories; a system to create and manage public key infrastructure (PKI) certificates; a run time model for user authentication; and a delegated administration model and application that enables the administrator of the identity management system to selectively delegate access rights to an administrator of an individual application or directly to a user (Oracle, 2010).
An Identity Management System Model (Oracle, 2010).
In the realm of Identity Management, there are various ways one may access information and resources, and this system assists in navigating this dialogue of access. At the basic level of an Identity Management System is Role-Based Access Control (RBAC). “Under this approach, there are predefined job roles with specific sets of access privileges” (De Groot, 2019). For instance, at MedStar Health there is no reason why a security guard should have the same access as someone on Payroll. Their individual roles separate their access. The second approach is Single Sign On (SSO). In this model of the Identity Management System, users only need to verify themselves once. The user is “given access to all systems without the need to log separately into each system” (De Groot, 2019). Finally, there is the Multi-Factor Authentication (MFA). In this Identity Management approach, the “authentication process combines something the user knows (like a password) with something the user has (like a security token or [One Time Password] OTP) or something that’s part of the user’s body (like biometrics)” (De Groot, 2019). When used independently, these Identity Management approaches are not sufficient to secure an organization given the tools currently available to cybercriminals. However, when these approaches are used simultaneously to manage and control access along with passwords, and user identity, there is a greater probability of securing PHI and ePHI.
With regard to passwords, the Identity Management System allows for total control over the policies governing passwords, their requirements and their expiry date. As such, in implementing a thorough Identity Management System, MedStar Health is taking the most critical steps in securing their infrastructure and sensitive information, ensuring that passwords are changed frequently and are complex enough to safeguard PHI. Strong passwords paired with multilevel authentication will create a defense that is reputable in this cyber-driven world.
Example of an Identity Management System at MedStar Health
When attending to patients at the health care facilities, while using a laptop, Doctor X will enter their set login credentials (their username and password). Their identity will then be checked against a database to verify if the correct credentials were entered and match the ones stored. If correct, Doctor X will gain access to the laptop. Once logged in, Doctor X will attempt to visit the needed web service that holds MedStar Health’s PHI. Again, Doctor X will be prompted for their username and password. The system will also check the user’s credentials against their database. However, at this point, there is an additional layer of security requiring another form of authentication for access, an MFA. The website creates a unique authentication key for the user based on their previously entered credentials. This identification key is then sent to Doctor X for confirmation. This MFA may be in the form of an app on a mobile device linked to the doctor’s login credentials. The identification key is generated on Doctor X’s mobile device and prompts for confirmation. Once confirmed, maybe within a set time limit, and both forms of authentication match the database managing credentials, Doctor X will gain access to the database that holds the patient’s health information.
The example above highlights how a simple Identity Management System may work within MedStar Health, where only specific users in the organization are allowed to access and handle sensitive information. The Identity Management System does a fantastic job at provisioning access across organizations; however, safe computer etiquette needs to complement these systems to address significant vulnerabilities.
Example of MFA in the Identity Management System (Papaspirou et al., 2021).
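The Doctor X login sequence above, together with the role separation described under RBAC, as an added example that is not part of the original report: a password check against a stored hash, a time-limited one-time code, and a role check before PHI is released. It assumes the identification key is a time-based one-time password (RFC 6238), which the report does not specify; the role table, user names and secret are constructed.

```python
import hashlib
import hmac
import os
import struct
import time

# Constructed RBAC table: role names and permissions are illustrative only.
ROLE_PERMISSIONS = {
    "physician": {"read_phi", "write_phi"},
    "payroll": {"read_payroll"},
    "security_guard": {"read_door_logs"},
}
PBKDF2_ROUNDS = 200_000
TOTP_STEP = 30  # seconds during which one code is valid ("set time limit")


def hash_password(password, salt):
    """Salted, slow password hash; the store never keeps the plain password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def totp(secret, at, digits=6):
    """RFC 6238 one-time code (HMAC-SHA1) for the time step containing `at`."""
    counter = struct.pack(">Q", int(at) // TOTP_STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class IdentityStore:
    """Minimal credential database: password hash, role and MFA secret per user."""

    def __init__(self):
        self.users = {}
        self.used_codes = set()  # (username, time step) pairs already accepted

    def enroll(self, username, password, role, mfa_secret):
        salt = os.urandom(16)
        self.users[username] = {
            "salt": salt,
            "pw_hash": hash_password(password, salt),
            "role": role,
            "mfa_secret": mfa_secret,
        }

    def authenticate(self, username, password, code, now=None):
        """Return the user's role if both factors check out, else None."""
        now = time.time() if now is None else now
        user = self.users.get(username)
        if user is None:
            hash_password(password, b"\x00" * 16)  # same work for unknown users
            return None
        candidate = hash_password(password, user["salt"])
        if not hmac.compare_digest(candidate, user["pw_hash"]):
            return None
        # Accept the current step and the previous one to tolerate clock drift.
        for drift in (0, -1):
            step = int(now) // TOTP_STEP + drift
            expected = totp(user["mfa_secret"], step * TOTP_STEP)
            if hmac.compare_digest(expected, code):
                if (username, step) in self.used_codes:
                    return None  # code replayed inside its validity window
                self.used_codes.add((username, step))
                return user["role"]
        return None  # wrong or expired code


def is_allowed(role, permission):
    """RBAC decision: a role only gets the permissions predefined for it."""
    return permission in ROLE_PERMISSIONS.get(role, set())


def request_access(store, username, password, code, permission, now=None):
    """Full flow: authenticate with two factors, then authorize by role."""
    role = store.authenticate(username, password, code, now)
    return role is not None and is_allowed(role, permission)


if __name__ == "__main__":
    store = IdentityStore()
    secret = os.urandom(20)  # would be shared with the doctor's phone app
    store.enroll("doctor_x", "constructed-Passphrase-1", "physician", secret)
    now = time.time()
    code = totp(secret, now)  # what the phone app would display
    print(request_access(store, "doctor_x", "constructed-Passphrase-1",
                         code, "read_phi", now))
```

A correct password with an expired or replayed code is rejected, and a fully authenticated user is still refused any permission outside their role.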
The importance of safe computer etiquette
In the case of MedStar Health, in the 2016 ransomware attack, if personnel had been adequately trained to identify phishing emails or malicious hyperlinks, the incident could have been avoided and their records could have been protected. The same can be said for the 2019 accident. “IBM’s 2015 Cyber Security Intelligence Index stated that 45 percent of all breaches were due to insiders and that 95 percent of those breaches were due to human error” (Perez, 2016). The report also stated that 42.75 percent of all cyberattacks are caused by inadequately or improperly trained staff. Thus, with the proper tools and safe computer etiquette, MedStar and all healthcare providers can better protect the information of their number one stakeholder: their patients.
In an interview with SCMagazine, a cybersecurity magazine in the UK, Jacob Ginsberg, a senior director at Echoworx, said it best. He compares the basic things an individual learns growing up, such as not touching a hot oven, to the education needed in the digital workplace. He said, “[there] should probably have similar lessons like that which would educate the digital workforce on the basic things you can do to stay safe at work” (Perez, 2016). This fundamental educational gap must be filled to ensure that the average MedStar employee knows how to protect their data and does not fall prey to crafty phishing emails and other avoidable mistakes seen in 2019.
The frequency of cybersecurity awareness training in the U.S. Healthcare Sector as of 2018 (Stewart, 2019).
The numbers reflected in the chart above should be significantly higher, given that millions of individuals are affected yearly by cyberattacks in healthcare. Overall, the current situation society faces is dire; however, the technology and training are available to aid in protecting PHI and addressing these concerns. “Patient First is the heart of quality care at MedStar Health. Part of “Patient First” is [MedStar Health’s] promise to keep patient information private” (MedStar Health, 2014). Thus, implementing the recommendations highlighted in this paper is critical to MedStar Health’s promise to their patients. With proper cyber awareness training, a robust Identity Management System, and a better understanding of insider threats and of the motives and psychological mindset of their potential intruders, MedStar Health is armed with the appropriate tools needed in this uphill fight. This approach ultimately protects their number one stakeholder, their patients.
Ablon, L. (2018, March 15). The Motivations of Cyber Threat Actors and Their Use and Monetization of Stolen Data. The RAND Corp.
Cox, J., Turner, K. & Zapotosky, M. (2016, March 28). Virus infects MedStar Health system’s computers, forcing an online shutdown. Washington Post.
De Groot, J. (2019, December 19). What is identity and access management (IAM)? Data Insider.
Hall, S. (2016, June 30). Lessons from the MedStar Health ransomware attack. Fierce Healthcare.
Johnson, J. (2021, March 10). Number of U.S. residents affected by health data breaches from 2014 to 2019, in millions. Statista.
Mazzarolo, G., & Jurcut, A. D. (2019). Insider threats in Cyber Security: The enemy within the gates.
MedStar Health Inc. (2021). Graduate medical education.
MedStar Health Inc. (2019, July 22). Security Breach Notification.
MedStar Health Inc. (2014, October). Protecting Patient Privacy.
Moffit, R. & Steffen, B. (2017). Health care data breaches: a changing landscape. Maryland Health Care Commission.
Oracle. (2010, January 2). Identity Management Concepts and Deployment Planning Guide.
Papaspirou, V., Maglaras, L., Amine Ferrag, M., Kantzavelou, I., Janicke, H., & Douligeris, C. (2021, January 20). A novel two-factor honeytoken authentication mechanism.
Perez, R. (2016). Cyber-security awareness. S.C. Magazine: For I.T. Security Professionals (U.K. Edition), 18–21.
Pleskonjic, D., Milutinovic, V., Maček, N., Djordjevic, B. & Caric, M. (2006). Psychological profile of network intruder.
Schmeelk, S., Dragos, D. & DeBello, J. (2021). What can we learn about healthcare I.T. risk from HITECH? Risk lessons learned from the US HHS OCR breach portal. Proceedings of the 54th Hawaii International Conference on System Sciences. 3993-3999.
Stewart, C. (2019, May 20). Frequency of security awareness training in healthcare organizations U.S. 2018.
Touro College Illinois. (2021, March 4). How is healthcare information kept safe?
Tutorials Point. (n.d.). What are web services?
Williams, P. (2016, March 31). Medstar hospitals recovering after ‘ransomware’ hack. NBC news.
In the lab, two tools were used for password cracking: Cain & Abel and Ophcrack. Brute Force attacks and Dictionary attacks recovered the passwords by using NTLM hashes. In Ophcrack, each user's username, LM hash, and NT hash were imported, and rainbow tables were used to crack the user's password. This report provides the results of using each attack on three separate users.
Using Brute Force, the Apollo and Batman passwords were recovered within 10 seconds; the Csadmin password was never recovered. The Dictionary attack provides more options to define the password, and the Apollo and Batman passwords were found in 5 seconds; the Csadmin password was never recovered. Lastly, Ophcrack recovered the Apollo and Batman passwords immediately; however, the Csadmin password was never recovered.
Ophcrack recovered the passwords the quickest. When using Brute Force, the predefined field and the password length have to be adjusted properly to recover a password in a reasonable amount of time. For example, the Apollo password could take 2 years to recover using Brute Force when the predefined field is set to just letters and the length is set to a maximum of 16 characters. When the predefined field was set to uppercase and lowercase letters and numbers, the password was recovered within 10 seconds. Ophcrack recovered the password within 1 second. Please review the screenshots below for the results of the lab conducted.
There are four types of character sets when creating a strong password. The four types of character sets are password length, using uppercase and lowercase letters, including numbers and symbols, and creating a unique password. You should use all four types of character sets to create a secure password. The general rule for password length is no less than 8 characters. Passwords should be reset every 90 days.
Penetration testing is very important for ensuring the security of a system. Penetration testing reveals system vulnerabilities, helps develop security strategies for a real attack, and exposes any poor security practices. Penetration testing can be a learning experience for MedStar’s IT Security team, showing them the different methods hackers use to penetrate a system. The team could also learn how to write incident reports and a remediation plan to apply a permanent fix.
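The lab's observation that character set and maximum length drive brute-force time, and the password recommendations above, can be checked with a small estimator. This is an added example, not part of the lab report; the guess rate is an assumed figure rather than one measured in the lab, the sample passwords are constructed, and uniqueness cannot be checked from a single password.

```python
import string

# Character classes a brute-force tool can be configured to try.
CLASSES = {
    "lower": string.ascii_lowercase,    # 26
    "upper": string.ascii_uppercase,    # 26
    "digit": string.digits,             # 10
    "symbol": string.punctuation,       # 32
}

def classes_used(password: str) -> set:
    """Return the character classes that appear in the password."""
    return {name for name, chars in CLASSES.items()
            if any(c in chars for c in password)}

def charset_size(password: str) -> int:
    """Smallest character set (union of used classes) covering the password."""
    return sum(len(CLASSES[name]) for name in classes_used(password))

def search_space(charset: int, max_len: int) -> int:
    """Candidates of length 1..max_len: the worst case for exhaustive search."""
    return sum(charset ** n for n in range(1, max_len + 1))

def worst_case_seconds(password: str, guesses_per_second: float) -> float:
    """Time to exhaust every candidate up to this password's length."""
    return search_space(charset_size(password), len(password)) / guesses_per_second

def meets_policy(password: str, min_len: int = 8) -> bool:
    """Length, mixed case, digits and symbols, as recommended in the report."""
    return len(password) >= min_len and classes_used(password) == set(CLASSES)

if __name__ == "__main__":
    RATE = 1e9  # assumed guesses per second; not a figure measured in the lab
    for pw in ["sunshine", "Sunshine1", "Sunsh!ne1-Ward7"]:  # constructed samples
        days = worst_case_seconds(pw, RATE) / 86400
        print(f"{pw!r}: charset={charset_size(pw)} policy={meets_policy(pw)} "
              f"worst case ~{days:.3g} days")
```

The estimate covers exhaustive search only; a password that appears in a dictionary or a rainbow table falls far faster than its search space suggests, as the lab results show.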