AKATI Sekurity’s Compromise Assessment Strengthens Cybersecurity for a Global Healthcare Institution
The Challenge
As one of the most recognized names in global healthcare, the client operates a network of over 30 state-of-the-art medical facilities across Malaysia, Indonesia, and Vietnam, catering to thousands of patients daily. With such a vast operational reach, ensuring patient data confidentiality and safeguarding proprietary medical information is a top priority.
Despite significant investments in annual penetration testing and quarterly vulnerability assessments, the institution recognized that traditional security measures alone were not enough. They understood that cyber threats evolve rapidly and that reactive security approaches leave gaps.
To address this, the healthcare provider sought AKATI Sekurity’s expertise to conduct a comprehensive Compromise Assessment—a proactive approach to uncovering hidden threats, identifying security gaps, and ensuring long-term cyber resilience.
How AKATI Sekurity’s Compromise Assessment Helped the Client
The primary objective was to detect and assess potential threats within the healthcare institution’s network infrastructure by identifying Indicators of Compromise (IoCs). This assessment went beyond traditional vulnerability scanning and delved deeper into identifying past, ongoing, and potential cyber threats.
Key Findings from the Compromise Assessment:
🔹 Critical IoCs (20 types) – Indicators of high-risk security gaps, including:
Clearing of Windows event logs, obscuring forensic evidence of intrusions.
Default Remote Desktop Protocol (RDP) communication for administrative accounts, increasing remote access vulnerabilities.
Disabled User Account Control (UAC), allowing unrestricted privilege escalation.
Kerberoasting attacks, enabling credential theft and unauthorized access.
Local account passwords stored as LAN Manager (LM) hashes, making them highly susceptible to cracking.
🔹 Severe IoCs (7 types) – Security risks that required immediate mitigation to prevent potential breaches.
🔹 Moderate IoCs (3 types) – Lower-risk vulnerabilities that, if left unaddressed, could serve as entry points for future attacks.
By pinpointing these vulnerabilities, AKATI Sekurity provided the healthcare provider with a clear roadmap for remediation, ensuring their security framework was aligned with industry best practices and evolving cyber threats.
The Impact of AKATI Sekurity’s Expertise:
✔ Proactive Security Culture – The hospital moved beyond compliance-based security to an intelligence-driven approach that prioritizes real-time threat detection and mitigation.
✔ Strengthened Patient Data Protection – Reinforced security protocols to ensure confidentiality, integrity, and compliance with healthcare regulations.
✔ Future-Ready Cybersecurity Framework – The institution transitioned from reactive security practices to a proactive, resilience-focused strategy, ensuring its global facilities remain secure against evolving cyber threats.
Conclusion
The assessment exposed critical gaps in security protocols and IT procedures, including weak access controls, inadequate RDP security settings, and poor log management practices. Addressing these findings enabled the hospital to strengthen internal IT processes and implement proactive security measures. One of the most pressing concerns, local account passwords stored as LAN Manager (LM) hashes, prompted an immediate review and restructuring of access controls, reducing the risk of credential-based attacks.