Recently Daniel Nigrin, Chief Information Officer of Boston Children’s Hospital, wrote an article about the sustained cyberattack on Boston Children’s Hospital purportedly orchestrated by the hacker group Anonymous. The article was published in the New England Journal of Medicine and is titled “When ‘Hacktivists’ Target Your Hospital” (full text available from any Boston Children’s computer). The article describes the nature and actions of the attack, as well as how the hospital was able to successfully defend itself. As Nigrin explains,
Fortunately, no patient was harmed, and no patient data or other data were lost or compromised during the weeks that the hospital was under assault. Advance planning, well-trained and dedicated staff, the support of a multidisciplinary team, and the resources and expertise of the ISP and third-party partners were all critical to managing the response.
The article also describes the lessons learned from the cyberattack, including some of the planning that health care organizations need to take into account to protect themselves from such assaults and to best cope with the effects of defending an organization during a cyberattack.