HCAD 670 Assignment 8: Cyberattack on Universal Health Services, Inc., 2018
Instructions
Ransomware is a type of malware from crypto virology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called crypto viral extortion. It encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt. Ransomware attacks are typically carried out using a Trojan disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. International law enforcement authorities during the height of the pandemic warned that hospitals and healthcare facilities in multiple countries were being targeted in ransomware attacks.
Often a ransomware attack is the first phase of a multistage extortion attempt from cybercriminals. Criminals routinely demand millions of dollars to unlock the encrypted systems and then follow that up by threatening to publish stolen data on the internet if they are not paid a second time.
On September 28, 2020, until October 7, 2020, Universal Health Services, which runs more than 400 healthcare facilities in the United States and the United Kingdom, has more than 90,000 employees and cares for about 3.5 million patients each year, had its IT network hit by a ransomware attack which left a number of its hospitals in the United States without access to computer and phone systems, including facilities in California, Florida, Texas, Arizona and Washington, D.C.
The ransomware attack managed to disable multiple antivirus programs in place on the targeted systems. Once the antivirus software was disabled, the malware caused the computers to log out and shut down, and if administrators attempted to reboot these systems, they simply shut down again. With their systems shut down, clinicians were unable to access vital information, including data found in their Electronic Health Record (EHR) or picture archiving and communication system (PACS) system.
Your assignment:
In a MEMO format, in 1000-1200 words, please discuss the following about the Universal Health Services (UHS) Ransomware attack of September 2020:
What went well with the response? What were the significant challenges with the response? In which ways could the response have been improved?
During Week One, we discussed Fayol’s Five Functions of Management: (a) Planning, (b) organizing, (c) coordinating, (d) commanding, and (e) controlling.
As the Chief Operating Officer (COO) at one of the (UHS) healthcare facilities in the United States or Territories (Universal Health Services, Locations; pick one), how would you augment your healthcare facility’s preparation and response to protect and mitigate against future cyberattacks? Discuss ways in which you would use all five functions of Fayol’s Five Functions of Management, which would influence the development of your plan.
Make certain that your assignment follows the Memo Format guidelines stated in the link below and is in the APA 7th edition format with a cover page, separating your sections by the appropriate APA Level Headings. Also, make sure you include a reference page and at least eight (8) references.
Resources:
Expert Solution Preview
Introduction:
The Universal Health Services (UHS) faced a ransomware attack in September 2020 that affected its IT network and computer systems. This assignment requires a memorandum that evaluates UHS’s response to the attack. The memorandum should also discuss how a COO at one of UHS’s healthcare facilities can protect and mitigate against future cyberattacks by implementing Fayol’s Five Functions of Management.
Answer:
Universal Health Services (UHS) faced a significant challenge in responding to the ransomware attack in September 2020. However, the healthcare facility had some notable achievements in its response. First, UHS promptly reported the incident to the appropriate authorities, including the Federal Bureau of Investigation. Collaborating with the authorities helped to mitigate the potential impact of the attack. UHS also provided regular updates on the attack’s progress to help stakeholders and patients stay informed.
Despite the positive aspects of UHS’s response, the healthcare facility had significant challenges in responding to and managing the attack. One significant challenge was the severity of the attack, which caused multiple antivirus programs to shut down. As a result, clinicians could not access vital information, which created delays in delivering care to patients. Additionally, the ransomware attack disrupted the facility’s communications systems, which complicated the emergency response process. Lastly, UHS faced time constraints in coordinating its response efforts as they needed to get their systems back online without paying the ransom.
The response to the UHS attack could have been improved in several ways. First, healthcare facilities should prioritize regular cybersecurity assessments to identify vulnerabilities. UHS’s information technology systems were not prepared for the level of sophistication used during the attack. A routine cybersecurity assessment could identify vulnerabilities and enable the facility to take necessary measures to mitigate them. Additionally, healthcare facilities should invest in proactive cybersecurity tools such as intrusion detection and prevention systems and data loss prevention systems to identify and stop attacks before they can cause significant damage.
As a COO at a UHS healthcare facility, I would augment my facility’s preparation against future cyberattacks in several ways by using the five functions of Fayol’s Five Functions of Management. In the planning stage, I would assess my facility’s cybersecurity infrastructure and identify vulnerable areas and measures to mitigate them. For organizing purposes, I would collaborate with my facility’s IT team to implement proactive cybersecurity measures. In coordinating efforts, I would create a task force responsible for providing regular updates, monitoring alerts and logs, and assessing the overall response strategy.
In commanding and controlling stages, I would ensure that all staff are familiar with emergency response procedures and have access to cybersecurity training to prevent social engineering attacks such as spear phishing. Lastly, I would monitor and evaluate my facility’s cybersecurity systems’ performance and identify areas that require improvement and take necessary actions to mitigate them.
In conclusion, ransomware attacks are a growing concern for healthcare facilities worldwide. UHS’s response to the ransomware attack of September 2020 was commendable, but there is room for improvement. A COO at a UHS healthcare facility can protect and mitigate against future cyberattacks by using Fayol’s Five Functions of Management to organize and plan cybersecurity infrastructure effectively, coordinate emergency response efforts, command and control responses, and assess and evaluate systems performance regularly.