Incident Of The Week: Health and Human Services Hit with Security Breach

March 30, 2020

In a digital age, some of the most significant threats facing the nation are cyber attacks. This threat became all too real for the Department of Health and Human Services (HHS) on March 15th. While the agency worked to slow the spread of COVID-19, their computer network suffered a breach of security.

On March 15th, the HHS's network security system detected a sharp increase in activity. Over several hours, hackers tried to overload the department's servers with millions of requests. The hackers weren't able to steal any data, but that didn't seem to be the point of the attack.

The HHS believes the attack was an attempt to slow down their network. If successful, it could've hindered the U.S.'s response to the coronavirus outbreak, which the agency believes to be the motive. But the attack failed, and the HHS's systems are still working as they should.

Misinformation and Confusion

The HHS is uncertain of where the attack originated. Some suspect a foreign government is behind it, but it remains unclear, and the HHS hasn't released much information about the investigation. But officials believe this is part of a broader attempt to undermine the government's COVID-19 response.

See Related: Design Flaws In Cyber Security Reports And Related CISO Sleep Patterns

The HHS attack wasn't the only security issue the government faced on March 15th. Near midnight, the National Security Council (NSC) tweeted a warning about rumors regarding a nationwide lockdown. This response came after the NSC learned of a spreading false message saying President Trump was about to issue a mandatory quarantine.

Officials say this false information campaign is related to the HHS cyber attack. By slowing the servers and spreading misinformation, the hackers would make it harder for agencies to manage the virus response and public fears.

HHS's Response

The cyber attack failed thanks to the HHS's extensive cyber security. The department had recently installed extra protective measures to prepare for their coronavirus response. When the flood of server requests came in on Sunday, the system was strong enough to withstand the excess activity.

See Related: Enterprise Security Leaders Prepare For Nation State Cyber Attacks

As part of their new security protocols, the HHS now closely monitors their network. This increased attention allowed them to discover the cyberattack relatively early. In response to the attempt, the HHS is working with the Cybersecurity and Infrastructure Security Agency (CISA) to investigate the source.

The National Security Agency (NSA) and other law enforcement agencies are also helping in the investigation. Government agencies across all departments are now working to improve their cyber security to protect against similar attacks.

Defending Against Cyber Attacks

This attempt on the HSS is a prime example of how cyber attacks can come in any form. Cyber criminals are always coming up with new methods to disrupt networks. While most cyber security measures may focus on preventing data loss, not all attacks try to steal anything.

The hackers wouldn't have needed to steal any data to harm the HSS. If they had successfully slowed the servers, they could've caused widespread network issues without having to penetrate the system. Companies need to take measures against all kinds of cybercrime, not just data theft.

If the HSS hadn't been continually watching their servers, this attack might have been successful. The National Institute of Standards and Technology (NIST) says continued monitoring is essential to managing cyber-threats. Businesses need to monitor their systems closely so that they can improve response time, handling threats before they breach the network.

Cyber attacks are a growing concern. But as this incident shows, companies can handle them with careful attention and well-rounded security.

Next: Cyber Security Standards and Frameworks

Read the original article and additional information at Cyber Security Hub