Cyber Security for Energy Sources

Energy runs our world.  Light switches enable 24-hour productivity.  Devices and machines of all types enable consumer, commercial and government activity.  Of course, communication (other than face-to-face) is also reliant on energy.

In 2021 Colonial Pipeline demonstrated US vulnerability to hacking networks, paying over $4 million (75K in Bitcoin) to a Russia-based organization after shutting down operations ... to regain access to data (the US government later recovered about half of that ransom).

How can the United States government... and, indeed, multinational corporations with a global footprint... address this risk?  While guaranteeing security against all future attacks isn't possible, we believe a cloud-based "3-Domain Architecture" can improve security of data, computing and energy systems.

Recent comments suggest "zero trust" has fallen from the talking point attention it once had.  That said, development processes, secure behaviors (that help avert "social engineering" attacks) and examination of supply chains (security testing of those components prior to final ship -- of product -- to customers) remain key to maintaining maximum security and avoiding loss to ransomware or other cyber attack.

Cyber vulnerability in Healthcare

                      

Have we done what we can do to prevent malware attacks on our health systems?  Connecticut Attorney General William Tong was notified recently of a summer 2023 attack that may have affected 109,728 people in that state .. a breach confirmed on only 3 hospitals.

“As you are aware, on August 1, 2023, Prospect Medical learned of a data security incident that disrupted the operations of some of its Information Technology (“IT”) systems. Prospect Medical immediately took steps to secure its systems, contain the incident, and notify law enforcement. Additionally, a third-party forensic firm was engaged to conduct an investigation.”

Data stolen included "patients’ names, addresses, dates of birth, diagnoses, lab results, medications, insurance, and financial data."

Would Joel Vengko suggest that Hartford Health is immune to any such attacks?

According to a March 2023 article in LRV Health, "Joel Vengco started his thesis during the third year of <his> MD-PhD program ... the beginning of the end of his time in medical school, <transforming> his career path ... <to> using data to transform the healthcare industry." Dr. Vengko is focused on innovation, but he isn't ignoring cyber security.

Fierce Healthcare reported in December 2023 that "As of mid-December, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) had received 541 notices of data breaches affecting more than 500 individuals during 2023. Among these were incidents that compromised the information of millions, or even tens of millions, of individuals, as was the case with this summer’s high-profile breach at HCA Healthcare."

So Marty Paslick, CIO of HCA, would have to admit that "attacks forced healthcare providers to adjust their workflows or interrupt services due to lockups of their computer systems."  The Fierce article goes on to quote Mike Hamilton, CIO at Critical Insight, to the effect that  the risk of attack is obviously “escalating, and that the tactics are changing....” 

"Beyond the threat to patients’ lives, these incidents can have a lasting impact on the financial health of a provider organization."  Proactive work is essential... inspiring eWISE focus to help... specifically in the domain of obsolete devices (which pose a large vulnerability unique to the healthcare industry).