аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢

TECHNEWS: Learning from the аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢LA Health cyberattack

аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢ Davis information security specialists are fielding calls from people on campus who want to know what we can learn from the data breach аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢LA disclosed last Friday (July 17).

CHANCELLOR'S MESSAGE

Dear Campus Community,

As you may have heard, аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢LA Health announced today (July 17) that it was the victim of a criminal cyberattack. At this time there is no evidence that the attacker actually viewed or acquired any individual’s personal information in the аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢LA Health cyberattack. Additional security measures have been implemented, and all potentially impacted individuals can sign up for no-cost ID theft protection services. More information is available at the . There is no evidence that the аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢LA Health cyberattack has impacted the аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢ Davis Health System. The IT systems at the various аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢ health systems are all managed separately.

A number of proactive steps are underway to help ensure the protection of IT systems at all аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢ campuses and medical centers. This includes the mobilization of an external cybersecurity group that will review and validate ongoing internal efforts and assess emerging threats and potential vulnerabilities.

The confidentiality of Protected Health Information (PHI) is essential in maintaining the trust of our patients, and we take that responsibility very seriously. We have invested in technology, dedicated staff and software tools to vigilantly monitor our systems, and have educated our employees about cyberthreats, which are a growing national concern.

While there is no evidence that our campus and medical center were impacted by this attack, there are steps we should all take to protect the continued security of our systems and networks:

  • Ensure that your computer and mobile devices are up to date with the latest patches, including those for software like Adobe Flash or Java.
  • Review electronic devices under your control (including computers, tablets, phones and memory sticks) and remove or secure any files that contain sensitive information about individuals.
  • Be aware of email and phishing messages asking for personal information. Ensure that you have strong passwords and that you never share them with anyone.
  • For more information, visit .
  • If you need assistance managing your cybersecurity efforts, you may contact the (Davis campus) or (health system).

The confidentiality of our personal information, particularly medical information, is something that is important to all of us.  We must act together to protect our computers and data. I appreciate your support and cooperation with this effort.

Sincerely,

Linda P.B. Katehi

The cause of the attack is still being investigated, but whatever the full answer turns out to be, the breach underscores the need to practice the basic good habits of information security.

аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢LA Health has posted information about the attack on its . There is no evidence that the breach has affected the аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢ Davis Health System, Chancellor Linda P.B. Katehi wrote in an email to аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢ Davis faculty and staff. See box for the chancellor's July 17 email.

Cheryl Washington, аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢ Davis' chief information security officer, said: "The campus security team is currently conducting its own investigation based on information we were provided about the аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢LA incident. If we identify any confirmed or suspicious threats, we will reach out to the technical community and others for assistance in our investigation."

Washington also asks campus technologists to be sure they scan their VLANs (virtual local area networks), "and if they find something suspicious, notify us" at cybersecurity@ucdavis.edu.

"If you have not read the chancellor's message, I encourage you all to do so," Washington continued. "She offers very valuable tips that can help you protect your information assets."

5 common patterns

The from Verizon says more about the current nature and source of cyberthreats. For example:

  • Phishing still tricks too many people. "Twenty-three percent of recipients open phishing messages," the report says, "and 11 percent click on the attachments." аÄÃÅÁùºÏ²ÊÄÚÄ»ÐÅÏ¢ Davis faculty and staff who need to brush up on their anti-phishing skills should watch these free, short (see module 3).
  • "For the overwhelming majority of attacks exploiting known vulnerabilities, the patch [to fix the problem] had been available for months prior to the breach (and 71 percent for more than one year). This strongly suggests that a patch deployment strategy focusing on coverage and consistency is far more effective at preventing data breaches than 'fire drills' attempting to patch particular systems as soon as patches are released."
  • Most attacks fell into one of five basic patterns: miscellaneous errors (29.4 percent), crimeware (25.1), insider misuse (20.6), physical theft/loss (15.3) and Web app attacks (4.1).

Bill Buchanan is senior writer and TechNews editor in Information and Educational Technology.

Media Resources

Dave Jones, Dateline, 530-752-6556, dljones@ucdavis.edu

Primary Category

Tags