From: CSO
By Eric Cowperthwaite
As you’ve heard by now, an attacker broke into a server used to test code for HealthCare.gov and uploaded malicious software. While there’s no evidence that consumers’ personal information was swiped, this is a very significant incident.
Like many of the other breaches that have made headlines over the past few months, this was the result of simple, compounded mistakes. A basic security flaw went overlooked, and it was assumed that because the system in question wasn’t supposed to be connected to the internet, it wasn’t high priority and didn’t warrant continuous monitoring. But that’s not a fair assumption – accidently connecting a system like this to the internet is an easy mistake to make in a complex environment. That sort of thing happens all the time.
The HHS knows there is a target on its back. And when that’s the case, you can’t afford to ignore anything on your network. In fact, Federal Government security standards now require continuous monitoring of systems for vulnerabilities, possible attacks and possible exploits. It’s unclear to what degree HealthCare.gov has adopted continuous monitoring, although the length of time it took to detect the breach suggests there is room for improvement in this area.
Leave a Reply