Cybersafetyconnections August 19th ,2024 vol #182 

  • From Konbriefing there was a ransomware attack on a prominent blood donor organization in the U.S- OneBlood – Orlando, Florida, USA (Orange County). 
  • Numerous hospitals in the southeastern United States were affected. 
  • No reason has been given for the ransomware attack. 
  • No cybercriminal group has claimed responsibility for the attack. 
  • How OneBlood mitigated loss from the cyber-attack is also discussed. 

What happened? 

Depositphotos 

According to CNN OneBlood a prominent blood-donation nonprofit organization that provides services to numerous hospitals in the southeastern United States was impacted by ransomware attack. That is no organization is exempt from cyberattacks!

Who was impacted? 

WUSF 

Numerous hospitals, over 250 hospitals in the southeastern United States were affected. 

Why did this happen? 

No reason has been given for the cyberattack. 

Which cybercriminal group has been impacted? 

Cybersecurity News 

No cybercriminal group has taken responsibility for the ransomware attack. 

Here are steps OneBlood took to mitigate loss 

OWASP Threat and Safeguard Matrix 

According to oneblood.org the Non-Profit successfully resumed the standard distribution of blood products to hospitals following a ransomware incident. 

  • The incident, initially reported by CNN prompted concerns regarding potential disruptions to OneBlood’s services for certain hospitals, leading to an investigation into a potential ransomware attack.  
  • According to a notification distributed by the Health Information Sharing and Analysis Center, a group focused on cyberthreat sharing, an “outage” of OneBlood’s software system was hindering the nonprofit’s capacity to supply “blood products” to hospitals in Florida. 
  • Notably, OneBlood caters to hospitals in Alabama, Florida, Georgia, North Carolina, and South Carolina. 
  •  Consequently, OneBlood resorted to manual labeling of blood products during the recovery process, as outlined in the notification.  
  • Through an official statement, the nonprofit acknowledged the ransomware attack and disclosed its collaboration with cybersecurity experts and law enforcement.  
  • Concurrently, OneBlood emphasized that it was operating at significantly reduced capacity.  
  • The implementation of manual processes and procedures enabled the nonprofit to sustain its operations; however, these processes are notably time-consuming and have a direct impact on inventory availability.  
  • To effectively manage the blood supply, OneBlood instructed the 250-plus hospitals under its purview to activate critical blood shortage protocols and sustain this status for the foreseeable future, as articulated by Susan Forbes, a spokesperson for the nonprofit. 
  • Susan Forbes, OneBlood’s senior vice president of corporate communications and public relations, expressed gratitude for the support received from the blood community during this unprecedented event, highlighting the combined efforts of the AABB Task Force and the significant response from OneBlood donors. 
  • Despite the challenges posed by the ransomware event, OneBlood promptly implemented alternative procedures to ensure the continuous collection, testing, processing, and distribution of blood to hospitals. 
  •  The organization restored the critical software system used to manage the blood supply, allowing for the processing and distribution of blood products to over 250 hospitals at the regular capacity.  
  •  Forbes emphasized the organization’s unwavering commitment to its life-saving mission and encouraged eligible blood donors to cultivate a habit of blood donation to contribute to a consistently available blood supply. 

COPILOT 

In addition , here are steps to prevent Ransomware attack from CO-Pilot. 

To prevent ransomware attacks, OneBlood in Orlando, Florida, can implement several key cybersecurity measures: 

  1. Regular Backups: Ensure that all critical data is backed up regularly and stored securely offline. This allows for data recovery without paying a ransom. 
  1. Employee Training: Conduct regular training sessions to educate employees about phishing attacks and safe online practices. Employees should be aware of the signs of a potential ransomware attack. 
  1. Endpoint Protection: Use advanced endpoint protection solutions that can detect and block ransomware before it can execute. 
  1. Patch Management: Keep all software and systems up to date with the latest security patches to close vulnerabilities that ransomware can exploit. 
  1. Network Segmentation: Segment the network to limit the spread of ransomware. This means isolating critical systems from less secure parts of the network. 
  1. Incident Response Plan: Develop and regularly update an incident response plan specifically for ransomware attacks. This plan should include steps for containment, eradication, and recovery. 
  1. Access Controls: Implement strict access controls and ensure that only authorized personnel have access to sensitive data and systems. 
  1. Email Filtering: Use email filtering solutions to block malicious attachments and links that could deliver ransomware. 
  1. Multi-Factor Authentication (MFA): Implement MFA for all critical systems to add an extra layer of security. 
  1. Regular Audits: Conduct regular security audits and vulnerability assessments to identify and address potential weaknesses. 

Conclusion 

By adopting these measures, OneBlood can significantly reduce the risk of ransomware attacks and ensure the security of their operations and data123

Subscribe to get the latest blog post.