Last April, during the parents-versus-hospital custody dispute over teenager Justina Pelletier, Boston Children’s Hospital found itself under cyberattack, apparently by the hacker group Anonymous. The hospital’s website was flooded by traffic that hindered its operation, and other online operations were affected as well.
The assault brought widespread condemnation — BetaBoston called the attackers not activists but “criminals” — and subsided after about a week.
Now, Dr. Daniel Nigrin of Children’s offers some details and lessons from the assault in the latest New England Journal of Medicine: When Hacktivists Target Your Hospital.
He writes that the attack began with a warning message on Twitter relaying a set of demands, and then the hackers posted “the home and work addresses, phone numbers, and e-mail addresses of some of the people involved in the case (a tactic called ‘doxing’). The hackers also posted technical information about the hospital’s public-facing website, suggesting that it might become a target.” A few weeks later, the “distributed denial of service” — the flood of traffic — attack began.
Over the course of the next week, the hospital was subjected to several other attacks that were intended to do more than affect its Internet connectivity. These included multiple attempts to penetrate its network through direct attacks on exposed ports and services, as well as through the use of “spear phishing” e-mails, which are intended to get recipients to click embedded links or open attachments that would provide a means for the attackers to gain access to the portion of the hospital’s network behind its firewall.
No patient data were damaged or exposed, Nigrin writes, but the experience underscores the important of planning for the possibility of losing Internet connectivity. Continue reading