Examining the Tallahassee Memorial Hospital Cyber Attack


In late January 2023, Tallahassee Memorial Healthcare (TMH), a non-profit health system serving patients in North Florida and South Georgia, experienced a cyber attack that forced it to operate under emergency downtime procedures for around two weeks. The cyber attack was first detected on February 3, when TMH’s IT team noticed unusual system activity. The hospital’s systems were immediately secured, and a third-party cybersecurity firm was engaged to investigate the breach.

The investigation determined that unauthorized individuals had access to TMH’s systems between January 26 and February 2, and exfiltrated files during that time. The files that were stolen included names, Social Security numbers, medical record and patient account numbers, addresses, dates of birth, health insurance information, dates of service, treatment plans, diagnoses, visit notes, prescription information, and physician names.

As a result of the Tallahassee Memorial Hospital cyber attack, TMH notified affected patients of the breach on March 31 and offered them free credit monitoring and identity theft protection services. The hospital also said that it did not believe that the cyber attack had any impact on patient care.

Could NAC Have Stopped the Tallahassee Memorial Hospital Attack?

Network access control (NAC) could have helped to stop the Tallahassee Memorial Hospital cyber attack. NAC is a security technology that controls which users and devices can access a network. It can be used to block unauthorized devices from accessing the network, and to enforce security policies for authorized devices.

In the case of the Tallahassee Memorial Hospital cyber attack, NAC could have helped to prevent the hackers from gaining access to the network in the first place. If the hackers’ devices had been blocked from accessing the network, they would not have been able to exploit the vulnerabilities that were used to launch the attack.

In addition to preventing unauthorized access, NAC can also be used to detect and respond to security incidents. For example, if a NAC system detects that an unauthorized device has gained access to the network, it can be configured to quarantine the device and notify security personnel.
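As an added illustration (not code from the original article or from any NAC product), the sketch below models the admit, quarantine or deny decision described above. The inventory, VLAN IDs, posture attributes and 30-day patch threshold are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample inventory of managed devices (all values are made up).
INVENTORY = {
    "00:11:22:33:44:55": {"owner": "nursing-ws-12", "role": "clinical"},
    "66:77:88:99:aa:bb": {"owner": "billing-lt-03", "role": "admin"},
}
VLANS = {"clinical": 110, "admin": 120, "quarantine": 999}  # hypothetical IDs
MAX_PATCH_AGE_DAYS = 30  # assumed policy threshold


@dataclass
class Device:
    mac: str
    cert_valid: bool      # machine certificate validated (a MAC alone is spoofable)
    disk_encrypted: bool  # posture attribute reported by the endpoint
    patch_age_days: int   # days since the last OS update


@dataclass
class Decision:
    action: str           # "allow", "quarantine" or "deny"
    vlan: Optional[int]   # VLAN the port is placed in, None when denied
    notify: bool          # whether security personnel are alerted
    reason: str


def evaluate(dev: Device) -> Decision:
    """Return the access decision for one connecting device."""
    record = INVENTORY.get(dev.mac.lower())
    # Unknown or unauthenticated devices are blocked before they get an address.
    if record is None or not dev.cert_valid:
        return Decision("deny", None, True, "unknown device or failed authentication")
    # Known devices must still meet the security policy.
    failures = []
    if not dev.disk_encrypted:
        failures.append("disk not encrypted")
    if dev.patch_age_days > MAX_PATCH_AGE_DAYS:
        failures.append(f"patches {dev.patch_age_days} days old")
    if failures:
        # Non-compliant: isolate on the quarantine VLAN and alert the SOC.
        return Decision("quarantine", VLANS["quarantine"], True, "; ".join(failures))
    return Decision("allow", VLANS[record["role"]], False, "compliant")
```

Requiring a validated certificate in addition to an inventory match matters because a MAC address can be copied from an authorized device.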

Overall, NAC is a valuable security tool that can help to protect organizations from cyber attacks. In the case of the Tallahassee Memorial Hospital cyber attack, NAC could have helped to prevent the attack from happening in the first place, or to detect and respond to the attack more quickly.

Here are some specific ways that NAC could have helped TMH:

  • Block unauthorized devices from accessing the network.
  • Enforce security policies for authorized devices.
  • Detect and respond to security incidents.
  • Improve visibility into network traffic.
  • Provide reporting and auditing capabilities.

By taking these steps, NAC could have helped TMH to improve its cybersecurity posture and make it more difficult for hackers to successfully attack the organization.

A Good Reminder: It’s Important to Have a Prevention Plan

The Tallahassee Memorial Hospital cyber attack is a reminder of the importance of cybersecurity for healthcare organizations. Healthcare data is a valuable target for hackers, and organizations need to take steps to protect it. This includes implementing strong security measures, such as firewalls, intrusion detection systems, and data encryption. Organizations should also train their employees on cybersecurity best practices, such as how to spot phishing emails and how to create strong passwords.

The cyber attack on TMH is also a reminder of the importance of having a plan in place in case of a cyber attack. This plan should include steps for how to secure the organization’s systems, how to notify affected individuals, and how to recover from the attack. Organizations should regularly test their plans to make sure that they are effective.
