What is a denial of service attack and why is healthcare targeted?
by Jazmine West
Have you ever visited a site that was down or refused to load, no matter how many times you refreshed? Have you ever experienced this on your site or network?
Well, you may have experienced a denial of service attack.
What is a denial of service attack?
A denial of service (DoS) attack is when a cybercriminal blocks access to a network, device or website so that users cannot access it (Norton).
DoS attacks are commonly carried out for revenge, blackmail, or political purposes. Although the primary purpose of DoS attacks is not to breach data, they can still affect the end user’s ability to access or obtain necessary information.
Well-known companies that have experienced this type of cyberattack include Amazon Web Services (AWS), GitHub, and major banks including Bank of America, JP Morgan Chase and Wells Fargo.
The Cybersecurity & Infrastructure Security Agency (CISA) reports that DoS attacks are tricky to identify because they can be performed from virtually anywhere, and they may resemble internal technical problems.
Companies that collect sensitive details such as credit card numbers or personal information are common targets of DoS attacks. Other high-profile businesses such as media and e-commerce brands are especially vulnerable (Palo Alto Networks).
The healthcare industry is not immune either. For example, there was a high-profile distributed denial of service (DDoS) attack on Boston Children’s Hospital in 2014. Anonymous (a well-known hacktivist group) targeted BCH after the hospital recommended one of its patients, a 14-year-old girl, be admitted as a ward of the state and that custody be withdrawn from her parents.
The attack disrupted the hospital for at least two weeks, interrupting Internet access and harming day-to-day operations and research capabilities. BCH spent more than $300,000 mitigating the damage from this attack.
Per Palo Alto Networks, there are two main ways that DoS attacks occur: flood attacks and crash attacks.
Flood attacks are the most common method. Essentially, the cybercriminal will flood the site with more traffic than the server can handle, effectively blocking new traffic from entering.
Crash attacks are when sent or exposed information crashes the server so that the access point is unavailable.
What are distributed denial of service attacks?
In recent years, DoS attacks have evolved to become more sophisticated.
A distributed denial of service (DDoS) attack is a modified DoS attack that originates from multiple locations. This makes it harder for organizations to track the source. They are used in larger-scale attacks.
DDoS attacks are typically carried out by botnets, which are systems of computers used to flood the target. These botnets are huge and can be leveraged on a global scale. Therefore, they can be much harder to stop (Webopedia).
How can you protect yourself?
Unfortunately, as in the case of GitHub, DoS/DDoS attacks can occur no matter how well prepared or protected you are.
According to CISA, there are some common steps you can take to be proactive and decrease the possibility of an attack:
- Invest in a DoS protection service that will detect abnormal traffic and redirect it away from your site.
- Make sure you are running anti-virus software.
- Install a firewall and set it up to block internal traffic.
- Develop a recovery plan in case you do get attacked (including email archiving).
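The first step above depends on telling abnormal traffic apart from normal load, and on telling a single-source flood from a distributed one. The following Python example is added here for illustration and is not from the original article, CISA, or any protection product; the thresholds, function names and sample traffic are all constructed assumptions.

```python
from collections import Counter, deque

# Assumed thresholds for this example; derive real ones from your own baseline.
WINDOW = 10            # seconds of traffic to keep in view
TOTAL_LIMIT = 50       # requests per window the server is assumed to handle
PER_SOURCE_LIMIT = 20  # requests per window treated as normal for one client


def classify_traffic(events):
    """Scan time-sorted (timestamp, source_ip) events with a sliding window.

    Returns (timestamp, verdict, detail) alerts. A 'single-source flood' is a
    DoS from one address; a 'distributed flood' is overload with no single
    dominant sender, the pattern a botnet-driven DDoS produces.
    """
    recent, per_source = deque(), Counter()
    alerts, last_verdict = [], None
    for ts, src in events:
        recent.append((ts, src))
        per_source[src] += 1
        # Expire events that have fallen out of the window.
        while recent[0][0] <= ts - WINDOW:
            _, old = recent.popleft()
            per_source[old] -= 1
            if per_source[old] == 0:
                del per_source[old]
        top_src, top_count = per_source.most_common(1)[0]
        verdict = detail = None
        if top_count > PER_SOURCE_LIMIT:
            verdict, detail = "single-source flood", top_src
        elif len(recent) > TOTAL_LIMIT:
            verdict, detail = "distributed flood", f"{len(per_source)} sources"
        # Alert only when the state changes, not once per request.
        if verdict and verdict != last_verdict:
            alerts.append((ts, verdict, detail))
        last_verdict = verdict
    return alerts


def sample_events():
    """Constructed traffic using documentation-only addresses (RFC 5737)."""
    normal = [(t, f"192.0.2.{t % 5 + 1}") for t in range(0, 30, 2)]
    one_host = [(30 + i * 0.1, "198.51.100.7") for i in range(40)]
    many_hosts = [(60 + i * 0.05, f"203.0.113.{i % 100 + 1}") for i in range(200)]
    return normal + one_host + many_hosts


if __name__ == "__main__":
    for alert in classify_traffic(sample_events()):
        print(alert)
```

On the sample data the single-source flood is attributable to one address that a firewall rule can block, while the distributed flood has no dominant sender and calls for upstream filtering by a protection service.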
Though troublesome and potentially expensive, the good news about DoS/DDoS attacks is that they do not tamper with data. But denial of service attacks are still a great reminder of how vulnerable we are online and the steps needed to protect sensitive information.
Paubox helps protect your healthcare entity’s protected health information (PHI) by providing HIPAA-compliant email solutions. Check out Paubox Email Suite for a simple way to ensure sensitive data is protected.