<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=522217871302542&amp;ev=PageView&amp;noscript=1">

Beware of the 'Shadow of the Universe': How to Help Customers Respond and Recover from Threats

Posted by Julie Wagoner on Nov 3, 2020 2:30:49 PM

At 2:00am on September 27, 2020, computers at a large hospital system, like a rolling blackout, began shutting down. One computer screen ominously displayed "Shadow of the Universe" before slowly fading to black.

Universal Health Services (UHS) —which operates 400 hospitals and behavioral health facilities in the U.S. and the U.K., employs more than 90,000 employees, and provides healthcare services to approximately 3.5 million patients each year— indicated in a press release that they “experienced an information technology security incident.”

A UHS employee described it this way:

“I was sitting at my computer charting…When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. After 1 min or so of this the computers logged out and shut down.”

Various reports suggested that affected facilities were left without access to computer and phone systems, patients’ charts were being done with pen and paper, ambulances arriving at emergency rooms were being turned away, and patients in need of surgery were being relocated to nearby hospitals.

All 250 U.S. facilities were affected and, as of this writing, UHS is still working on bringing all impacted systems back online.

“What gets me is we had no downtime protocols in place. It’s all been improv,” reported the employee.

In the spirit of National Cybersecurity Awareness Month, we want to share some eye-opening data about organizations’ preparedness for a cyber incident—some of whom could be your customers—along with ways that you can help them evolve their cyber security preparedness.

The chilling cost of a cyber attack

While the UHS attack itself is chilling, the end to this thriller has not yet been written. In addition to the exorbitant cost of remediating the attack, highly respected UHS will likely pay penalties for breached data, settle lawsuits with patients, make key staff changes, and suffer reputational damage. 

To put it into perspective (and we have no way of knowing what people and processes UHS had in place to respond to a threat), the average cost of a healthcare data breach was $7.13 million—the highest of any other industry, according to Ponemon’s 2019 Cost of a Data Breach Report.

In addition, those organizations with incident response teams that extensively test their incident response plans spend an average of $1.2 million less on data breaches than those who don’t have those protocols in place.

Help customers mount a cyber defense with Tech Data

There are too many threats, threat actors and new threat vectors for any entity to fend off alone. With the massive and growing cybersecurity skills gap, every customer needs a hand from competent managed services security providers (MSSPs). 

Tech Data offers comprehensive tools and services to enable you to help customers detect, prevent, and remediate an attack. These include:

  • Incident Response Services – Make sure your customers have the right capabilities to effectively respond to and recover from cyber threats with Plan Development, Readiness Review, and Emergency Response services.
  • RECON™ ISAO – Share timely, analyzed, and highly relevant threat intelligence with a large community of members that leverages competent analysis through our collaboration with The Arizona Cyber Warfare Range and National Cyber Warfare Foundation.
  • Incident Response Experience – Allow customers—from technical teams up to C-level executives—to consider their response to a real-world threat, such as ransomware or a data breach, through a live simulation hosted by the Tech Data Cyber Range. The goal is for your customer to understand their incident response preparedness and the next steps to improve.

Security is not a set-it-and-forget-it thing. Talk to your customers about their incident response plans and the value of threat intelligence to help detect an attack. Stress the importance of regularly and repeatedly testing, practicing, and reassessing their response plans so that they are prepared for the wicked actors that will attempt to disrupt their businesses. 

Download this infographic to begin the conversation. Or visit techdata.com/security.

About the Author

Julie Wagoner has 10+ experience in marketing/communications, specifically in social media, content strategy and web. For the past year, she worked in social media for the MGM Grand Resort in Las Vegas but previously she worked for Tech Data/Avnet for over 7 ½ years in various positions including leading the companies social media strategy and managing the Authority Blog.

Tags: Cybersecurity, Cyber Threats, cyber threat assessments, Shadow of the Universe