• Look at the possible types of attack types that could have done this. List what they may be.
• What information have you gathered that suggest that the hackers were possible in the systems for a period of time prior to the attack and why would they take this approach?
• From the perspective of HIPAA, what should the UVM Medical Center be looking at to prevent law suits or damages?
• What do you think the hospital lawyers are most concerned about at this time?
• Why would hackers do this? What would be their purpose?
Sources: