Brute Force Attack in the Medical Field

The Network: An association in a specialty medical field is our customer who is dedicated to the highest standards of clinical care through education, research and the formulation of health care policy.

The Expectation: An external facing website is the heart of the operation, connecting members to each other and the various activities of the association.

The Catch: Netsurion’s SOC (Security Operations Center) observed alerts from the Palo Alto Networks firewall that brute force logins were observed against the Content Management System (CMS). This alert is triggered when ten or more attempts are noticed to the CMS login page.

The Find: The attempts originated from Indonesia and happened repeatedly for a period of time indicating a brute force attack to guess passwords.

The Fix: Netsurion’s SOC promptly alerted the administrator to block external access from this attacker IP and provided critical recommendations for securing the CMS by:

password protecting the admin folder
disabling directory browsing
resetting passwords (especially admin)
renaming the default admin account
implementing two-factor authentication
updating the CMS package with the latest patches

The Lesson: The risks of a cybersecurity incident are real and ever-present. Organizations must be vigilant and keep up with patching and defense in depth. Comprehensive log monitoring and correlation should be a high priority to protect the often-targeted healthcare industry.

24X7 SOC-AS-A-SERVICE

OPEN XDR PLATFORM

USE CASES

WHY NETSURION

PARTNERS

ALL CYBERSECURITY INSIGHTS

Level up your cybersecurity!

ABOUT NETSURION

XDR Hot Company

Next-Gen MDR Service

Best MDR Solution

Brute Force Attack in the Medical Field