x
Limited Time Offer: Save up to 20% on a new CIS SecureSuite Membership | Learn more
×
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Why CIS

Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world



About Us Leadership Principles Testimonials

Solutions

secure your organization
Secure Your Organization


secure specific platforms
Secure Specific Platforms


cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments


View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities



CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers

Resources

resources
Resources


learn
Learn


filter by topic
Filter by Topic


View All Resources  
CIS Logo Show Search Expand Menu

DDoS Attacks: In the Healthcare Sector

Distributed denial of service (DDoS) attacks are a popular tactic, technique, and procedure (TTP) used by hacktivists and cybercriminals to overwhelm a network to the point of inoperability. This can pose a serious problem for healthcare providers who need access to the network to provide proper patient care or need access to the Internet to send and receive emails, prescriptions, records, and information. While some DDoS attacks are opportunistic or even accidental, many target victims for a social, political, ideological or financial cause related to a situation that angers the cyber threat actors.

Example

This was the case with Boston Children’s Hospital in 2014. Anonymous (a well-known hacktivist group) targeted the Boston’s Children’s Hospital with a DDoS attack after the hospital recommended one of their patients, a 14-year-old girl, be admitted as a ward of the state and that custody be withdrawn from her parents. The doctors believed the child’s ailment was actually a psychological disorder and that her parents were pushing for unnecessary treatments for a disorder the child did not have. The custody debate put Boston Children’s Hospital in the middle of this controversial case, and some, including members of Anonymous, viewed this as an infringement on the girl’s rights. Anonymous took action by conducting DDoS attacks against the hospital’s network, which resulted in others on that network, including Harvard University and all its hospitals, to lose Internet access as well. The networks experienced outages for almost a week, and some medical patients and medical personnel could not use their online accounts to check appointments, test results, and other case information, according to the Boston Globe. As a result, the hospital spent more than $300,000 responding to and mitigating the damage from this attack, according to the attacker’s arrest affidavit.

Recommendations

DDoS attacks occur in a variety of ways, and understanding which type of attack is occurring is an important part of being able to properly mitigate the attack. In the MS-ISAC Guide to DDoS Attacks you will find an explanation of the different types of attacks (including the multiple types of standard and reflection DDoS attacks), followed by specific recommendations unique to each type of attack. General recommendations for defense against DDoS attacks include maintaining an effective partnership with your upstream network service provider as well as partnering with companies that provide DDoS mitigation services.