Compromised vendor credentials allow Hancock Hospital breach

January 22, 2018//Ellen Neveux

The Hancock Regional Hospital in Greenfield, Indiana, was attacked this month by a ransomware called SamSam. This month, the hospital discovered that their critical information systems were being targeted. The attackers held the Hancock systems and more than 1,400 files “hostage” until a bitcoin ransom was paid.

“Hancock Regional Hospital has been the victim of a criminal act by an unknown party that attempted to shut down our operations via our information systems by locking our computer network and demanding payment for a digital key to unlock it,” the hospital said in a statement. “Unfortunately this sort of behavior is widespread in the world today, and we had the misfortune to be next on the list.”

It’s important to note that the hackers were able to gain access to the hospital’s systems by using stolen credentials from a hardware vendor. While attackers are always looking for new ways to hit healthcare providers, it’s critical to not be the next target.

Secure access management to remove vendor vulnerabilities

Privileged credentials tend to open a lot of doors. They are given to network admins as well as third-party vendors that need to support their applications. If mismanaged these keys are very dangerous. In many organizations, these credentials permit access to all corners of the network. Neglecting the process of secure access management creates particular vulnerabilities in the case of vendors and former employees – an issue to which many healthcare providers should pay close attention.

If you want to reduce vendor risks – start by taking back the keys to your network. Vendors can’t compromise credentials they don’t have.

About SecureLink

Our sole focus is secure third-party remote access. For highly regulated enterprise organizations, SecureLink Enterprise has pioneered a secure remote access platform. SecureLink for enterprise allows an organization to identify, control, and audit third-party vendors. For vendors, SecureLink is the gold standard remote access support platform because it is easy, efficient, and ensures compliance and reduces liability when supporting customers.

Subscribe to the SecureLink Blog.
close close