The Challenge
The Client offers end-to-end healthcare IT applications, hardware and customization services, including business intelligence, disaster recovery and help desk.
Like most organizations, the Client must address a wide variety of security threats. Bad actors around the world use malicious servers running scripts that constantly probe for vulnerabilities to exploit.
“This particular exploit was a WebLogic deserialization Java vulnerability,” says the Client’s chief information security officer. “Basically, the attackers were attempting to install crypto-miner software that would let them use our servers to mine cryptocurrencies like Bitcoin. Vendor patches don’t effectively address all vulnerabilities,” the CISO explains. In fact, the Vendor patch released on April 17, 2017, didn’t fully mitigate the threat, and systems continued to be breached.
“Plus, you have to perform regression testing and take your systems down to apply patches before hackers find you. When we discovered a successful attack on some of our servers with a connection to the Internet, we immediately placed a call to our third-party support provider, Rimini Street, for assistance.”