The Department of Health and Social Service (DHSS) disclosed that it was the victim of a sophisticated cyberattack from a nation-state level actor.
Citing an investigation conducted together with security firm Mandiant, DHSS officials said the attackers gained access to the department’s internal network through a vulnerability in one of its websites and “spread from there.”
Officials said they believe to have expelled the attacker from their network; however, there is still an investigation taking place into what the attackers might have accessed.
Check It Out: Alaska Health Service Attacked by Nation-State Cyber Attacker
Andrew:
It is both important and intriguing that the DHSS pointed out that the cyberattack was from state-sponsored hackers, rather than a cyber-criminal ransomeware attack.
Although health systems and hospitals have been the targets of such attacks, notably hospitals and other health facilities during the height of the pandemic, it would be interesting if there were a public repository that listed these attacks, and categorised them according to attacker-type (state sponsored, criminal syndicate, etc) even though it is recognised that often these are practically one and the same.
It is also time to rethink multi-layered and tiered security, with back-end active alert notification to agencies tasked with both tracking and countermeasures.
Whatever we’re currently doing, it’s not enough.