Notifications
Clear all
Topic starter
We had one vendor who sent an email to us to let us know they were down during the DDOS attack on DNS provider DYN. I am just curious if any of your clinics had issues with your cloud providers. The DDOS attack was not just about Tumblr, Spotify, and Twitter. We need to remember days like Friday and hold GE's feet to the fire so they can design Project Northstar with appropriate safeguards against things like this. This is a big deal for cloud providers and I am surprised they had such a design flaw before moving forward into the cloud.
I am curious if any vendors who were affected on Friday will cause them to take a hit on their 99.999 percent up-time calculations, or will they continue to claim 99.999 even though few, if any, could get to them?
Mike Zavolas
Tallahassee Neurological Clinic
Posted : October 24, 2016 8:33 am
My thoughts exactly. While we were not directly impacted by this disruption, I do anticipate these kinds of attacks will become more and more prevalent.
Posted : October 24, 2016 8:56 am
Our Online Bill Pay vendor was affected by this. They sent us an email quite a while after the fact that we could not log in.
This is serious stuff.
Mike
Posted : October 24, 2016 9:19 am
EMR-link wasn't working for us most of the day. We didn't get informed by liaison until near the end of the day. I got a news alert on my phone of the attack (around 9am eastern) which lead us to believe it was the attack that was taken EMR-link down, later confirmed by liaison.
Posted : October 25, 2016 12:29 am
Topic starter
I am wondering if you would be able to manage your DNS internally then you could route to the public IP addresses for your cloud needs. It would be a lot of work but if this is the future then vendors should get on board with that concept. They would need to disclose any IP address changes so you can update internally. I read about that many sites were not affected because they had redundant DNS set up. I would think that would be a no brainer for most admins.
"In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters" Jeff Jarmoc Tweet
Posted : October 25, 2016 2:14 am
EMR LINK was down for us as well and no notification until later in the day after numerous emails and attempts to call them to find out the problem .
Posted : October 25, 2016 2:48 am
I think we received 3-4 notifications from different vendors (Bill Pay, EMR-Link and our Credit Card processor come to mind). Even though we are in the southeast US (Florida), to my knowledge we were not experiencing any issues. Due to the nature of the attack, the services were not completely down but rather intermittent. It could have been our local DNS servers caching the responses to the websites we use hundreds of times a day. All it would take would be one successful query to DYN to have the result cached in our DNS.
I don't like the fact that GE is forcing everyone to go to the cloud, however one way around these type issues would be to use 2x cloud DNS vendors with replicated zones between them. For example, if they used DYN and DNSMadeEasy and setup their domains to point to both sets of DNS servers, the likelihood of a DNS outage would be very minimal. They could use one provider as the primary zone and perform zone transfers to the other.
Posted : October 25, 2016 5:28 am
We are in the Midwest, Kansas City area and did not experience any issues with the DYN DDOS attack last Friday.
I am not fond of GE's Northstar initiative moving everything to the 'cloud'. Healthcare has been one of the slower adopters of Cloud Computing, due to security, data theft and uptime concerns. I still do not feel that we are ready to move healthcare systems and data to the public cloud.
Jim Leveling
Kansas City Orthopaedic Institute
Posted : October 25, 2016 8:39 am
There are many appropriate uses of cloud storage. Critical healthcare information is not one of them. Just remember folks... there is no cloud. It's just someone else's computer.
Posted : November 1, 2016 7:19 am
