Topics
Reimbursement
Healthcare groups prod Congress to stop CMS' payment cuts
Healthcare groups prod Congress to stop CMS' payment cuts
Revenue Cycle Management
The transactional revenue cycle no longer works: Here's what does
The transactional revenue cycle no longer works: Here's what does
Strategic Planning
Q&A with Geisinger CEO and president Dr. Jaewon Ryu, who will be CEO of the new Risant Health
Q&A with Geisinger CEO and president Dr. Jaewon Ryu
Capital Finance
Cash shortages plague hospitals but there are signs of improvement ahead
Cash shortages plague hospitals
Supply Chain
HIMSSCast: Embrace technology to replace the mundane tasks
HIMSSCast: Embrace technology to replace the mundane tasks
Accounting & Financial Management
Optum growth fuels strong quarter for UnitedHealth Group
Optum growth fuels strong quarter for UnitedHealth Group
Budgeting
Insurers likely to pay $1.1 billion in rebates this fall
Insurers likely to pay $1.1 billion in rebates this fall
Quality and Safety
U.S. News revises 'Best Hospitals' methodology in wake of backlash
U.S. News revises 'Best Hospitals' methodology in wake of backlash
Billing and Collections
Paying for healthcare creates mental and financial health concerns
Paying for care creates mental, financial concerns
Claims Processing
94% of physicians report care delays due to prior authorization, AMA says
94% of physicians report care delays due to prior authorization, AMA says
Workforce
AMA pushes to end noncompete clauses in physician contracts
AMA pushes to end noncompete clauses
Operations
Sola launches in growing employer self-funded health plan market
Sola launches in growing self-funded health plan market
Medical Devices
Humana teams with durable medical equipment organizations on home care
Humana teams with DME orgs on home care
Hospital/physician relations
Physicians would rather leave than work for Envision, doctor says
Physicians would rather leave than work for Envision, doctor says
Construction & Facilities Management
Providence announces $712 million expansion in southern California 
Providence announces $712M expansion in southern California 
Compliance & Legal
Florida men plead guilty to $67 million Medicare fraud scheme
Florida men plead guilty to $67 million Medicare fraud scheme
Policy and Legislation
CMS expanding Medicare Diabetes Prevention Program
CMS expanding Medicare Diabetes Prevention Program
Community Benefit
AMA and others launch collective call for health equity in Rise to Health
AMA and others launch collective call for health equity
Accountable Care
CMS is testing new primary care model
CMS is testing new primary care model
Acute Care
A cyberattack is partly to blame for St. Margaret's Health closing all operations
A cyberattack is partly to blame for St. Margaret's Health closing all operations
Ambulatory Care
Hospitals face direct competition from the 'retailization' of healthcare
Hospitals face direct competition from the 'retailization' of healthcare
Analytics
Top Stories: Patient information exposed in PharMerica breach
Top Stories: Patient information exposed in PharMerica breach
Business Intelligence
Healthcare job cuts increase 97% from 2022
Healthcare job cuts increase 97% from 2022
ICD-10 & Coding
Physician practices examine risk adjustment coding in wake of federal lawsuits
Practices keeping close watch on risk adjustment coding
Meaningful Use
CMS overhauls meaningful use EHR program, renames it 'Promoting Interoperability'
CMS overhauls meaningful use as 'Promoting Interoperability'
Medicare & Medicaid
Significant differences uncovered between MA, FFS enrollees
Significant differences uncovered between MA, FFS enrollees
Patient Engagement
Commercial health plan member satisfaction declining in key areas
Commercial health plan member satisfaction declining
Pharmacy
Pharmacy leaders meet with White House on Medicare prescription drug benefits
Pharmacy leaders meet with White House on Rx drug benefits
Population Health
One in four skip wellness appointments, regular checkups
One in four adults skip wellness appointments, regular checkups
Risk Management
UPMC for You partners to offer Medicaid redetermination coverage in laundromats
UPMC for You offers Medicaid redetermination coverage in laundromats
Telehealth
Telehealth linked to fewer in-person follow-up visits
Telehealth linked to fewer in-person follow-up visits
Mergers & Acquisitions
M&A activity returning to pre-pandemic levels
M&A activity returning to pre-pandemic levels
View more
Apr 11 More on Operations

Healthcare websites are being attacked with fake requests

These attacks are flooding targeted networks and servers and threatening to shut sites down, rendering them inaccessible to clients.

Jeff Lagasse, Associate Editor

Photo: Joos Mind/Getty Images

The Department of Health and Human Services' Health Sector Cybersecurity Coordination Center (HC3) has issued a warning to healthcare organizations, saying a flood of distributed denial-of-service (DDoS) attacks could shut down their websites.

A "trusted third party" shared information with HC3 regarding the DDoS attacks, which have been tracked since November. These attacks are flooding targeted networks and servers with a fake Domain Name Server (DNS) request for non-existent domains (NXDOMAINs), according to the alert.

WHAT'S THE IMPACT

A DNS NXDOMAIN flood DDoS attack is one of the various denial-of-service attacks that will target the DNS, said HC3. What the threat actor wants to do is overload the DNS server with a large volume of requests, which can be either non-existent or invalid. 

In this type of DDoS, the DNS server will spend time trying to locate something that does not exist instead of processing legitimate user requests. As the volume of invalid requests increases, the server will begin to slow down, preventing legitimate requests from getting a response. Legitimate clients trying to access the website will only increase the load even further.

In most cases, the DNS proxy server and the DNS authoritative server will use all their time handling those bad requests, according to HC3. When successful, the outcome of these attacks can result in higher utilization of resources on the server, and the cache will be filled up with NXDOMAIN replies. This can ultimately slow or completely prevent an authorized user from gaining access to a website or services.

Like other DDoS attacks, these are also carried out by large botnets, which can consist of thousands of compromised devices located worldwide, making detecting and blocking this type of DNS attack difficult. As a result, NXDOMAIN DDoS attacks could negatively impact network providers, website owners, and end-users or customers, HC3 said.

If network providers can't control or mitigate the attack, it may lead to their customers being unable to access their websites and services, the report found. 

THE LARGER TREND

HC3 encourages organizations to remain cautious when blocking IPs, because this could result in legitimate users being prevented from accessing public services. According to HC3, there are several mitigations and recommended actions available for DNS NXDOMAIN Flood DDoS attacks.

They include blackhole routing/filtering suspected domains and servers; implementing DNS Response Rate Limiting; blocking requests from the client's IP address for a configurable period of time; ensuring that cache refresh takes place, facilitating continuous service; lowering the timeout for recursive name lookup to free up resources in the DNS resolver; increasing the time-to-live on existing records; and applying rate limiting on traffic to overwhelmed servers.
 

Twitter: @JELagasse
Email the writer: Jeff.Lagasse@himssmedia.com

News
Healthcare organizations ask HHS to delay quality measure reporting for ACOs Healthcare organizations ask HHS to delay quality measure reporting for ACOs The American Hospital Association and American Medical Association are among the 11 organizations signing the letter.