This Week Health

Don't forget to subscribe!

Drex dives into the lingering impact of OneBlood's cyber event, the surprising challenges of shadow IT—even for hackers—and the fascinating story of the very first ransomware attack. Learn how cyber defenders can gain an edge and discover lessons from the past to fortify your defenses.

Remember, Stay a Little Paranoid 

Subscribe: This Week Health 

Twitter: This Week Health 

LinkedIn: Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Transcript

This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

  Hey everyone, I'm Drex and. This is The Two Minute Drill, where I cover three hot security stories twice a week, all part of the 229 cyber and risk community, here at This Week Health. The Two Minute Drill is brought to you by Interprise Health, a health catalyst company. Did you know that with Blueprint, you can pull risk data from all of your tools?

Into a single unified risk management platform, and then you can prioritize all that risk and assign work and track exceptions and drive accountability all in one place. Blueprint. Check it out at InterpriseHealth. com. Thanks for joining me today. Here's some stuff you might want to know about. Last summer, you may recall, I know a lot of you in the South will recall that there was a blood and blood product company called OneBlood that had to decrease its capabilities pretty drastically during a significant cyber event.

As a result, 250 plus hospitals in Georgia and Florida and Alabama and the Carolinas all had to Activate critical blood shortage protocols. State regulators now are asking a lot of questions and OneBlood isn't answering a lot of those questions. They've declined to say how many people were affected by the data lost in the incident, saying only that certain files and folders were copied from the network without authorization.

There's bound to be more to this story. Try to stay on top of it and I'll keep you posted. For more than 30 years I was a healthcare CIO and one of the things. That was a chronic worry for me was the what kind of risk exposure was invisible to my team because of shadow it operations. Well, new research reported in cyber scoops suggested the problem of shadow it is pervasive because even the cyber thugs.

Have this problem for some hackers, their own sloppy security practices have created back doors that allow the good guys to see into their operations. And while they can't say it out loud, may have allowed them to actually commandeer some of that hacker infrastructure. And in a nutshell. Hackers are making the same mistakes that the defenders are.

tarted in healthcare. Back in:

Anyway, they sent all these disks out, mailed all these disks out to medical researchers and government healthcare organizations around the world. The disk was labeled AIDS information introductory diskette. And just the name was enough to compel researchers to insert the disk and open the files.

Remember that back in the 90s, AIDS was a very scary new virus. There was global anxiety about the disease. None of us knew anything about it. And so any new information was invaluable. So once the disk was inserted, the computer was infected. And within a few weeks, users realized that all their file names had been encrypted.

Not the files themselves, just the file name. That created chaos with users who'd never seen anything like this. And on screen was an ominous red box with a warning. An offer to unlock the file names in return for a licensing fee. 189 sent by cashier's check to a P. O. Box in Panama. A lot of data was lost in this first ransomware event.

Not a lot of money was made. The payment process made it pretty easy to find the perpetrator who was arrested and then had a nervous breakdown and was found unfit for trial. There is so much more to that story and all these stories and you can find it all at thisweekhealth. com slash news. Today's 2 Minute Drill was brought to you by Interprise Health, a health catalyst company.

It turns out you can reduce the time and effort needed for third party risk assessments by up to 50 percent using Interprise Health's Blueprint Gen AI technology. Security, compliance, and peace of mind. Find out more at InterpriseHealth. com. That's it for today's 2 Minute Drill. Thanks for being here.

Stay a little paranoid. I'll see you around campus.

2 Minute Drill is Sponsored By

Our Shows

Related Content

1 2 3 303
Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved