News & Comment: Georgia university breach risks health, personal information of 417,000

COMMENT:

According to Pravin Kothari, CEO of cloud security vendor CipherCloud:

“Augusta University Health announced a major data breach which appears to have been caused by a targeted phishing attack. This cyber attack has potentially exposed the personally identifiable health care information (PII) of over 400,000 people and may be the 2nd largest reported data breach in healthcare this year.

Augusta University is certainly not alone. In May, LifeBridge Health, Inc., of Maryland reported a breach to HHS OCR impacting 538,127 individuals. The next closest breach was reported in January to HHS OCR by another university health care system, the Oklahoma State University Center for Health Sciences, which was reported as impacting 279,865 individuals.

The cause? A simple phishing attack. Phishing attacks either use malware-laden attachments or contain links to websites which then infect the user with malware. Email phishing shows no sign of stopping anytime soon and there is little defense to protect an endpoint where the user unknowingly cooperates with the attacker by clicking within the email.

Most defenses are structured to stop the malware associated with a phishing attack at the infected endpoint, although current events show us that these defenses don’t work well, if at all. Attackers will get into your network. Both on-premise and cloud-based computing resources are highly vulnerable.

New strategies, such as Zero Trust, build in additional safety checks to ensure that even attackers that penetrate the network through a phishing attack will be unable to successfully find and exfiltrate your data. Zero Trust will substantially harden your authentication, network access, and data protection using tools like end-to-end encryption. This new strategy is incremental to your existing defenses and can be deployed carefully in layers as your resources permit.

Finally, consider that the security operations team over at Augusta University has relatively strong cyber defense resources. The university just opened a $100 million cybersecurity center on their Riverfront campus. Over 40,000 residents work in cybersecurity in Georgia with many of them quietly employed as code breakers and analysts at the National Security Agency, over at Fort Gordon. Phishing attacks will continue to work and without major changes in cyber defense strategy, these attackers will continue to get in and steal your data.”