| Recurring |
one_organization, multiple_organization |
(a) The software failure incident having happened again at one_organization:
- The article mentions that ERT, the Philadelphia company hit by a ransomware attack, had its systems seized by ransomware on September 20 [112986].
- This incident at ERT is an example of a software failure happening within the same organization.
(b) The software failure incident having happened again at multiple_organization:
- The article highlights that Universal Health Services, a major hospital chain with more than 400 locations, was hit by a major ransomware attack [112986].
- This indicates that the incident of a ransomware attack affecting organizations has occurred at multiple organizations, in this case, both ERT and Universal Health Services. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident reported in the articles is related to the design phase. The incident was a ransomware attack on eResearchTechnology (ERT), a company that sells software used in clinical trials. The attack began when employees discovered they were locked out of their data by ransomware, which is a type of attack that holds victims' data hostage until they pay to unlock it. This incident was a result of a security vulnerability in the design of ERT's systems, allowing the ransomware to infiltrate and lock down their data [112986].
(b) The software failure incident is also related to the operation phase. The attack on ERT forced trial researchers to track their patients with pen and paper, indicating a disruption in the operation of the software used in clinical trials. This operational impact was a direct result of the ransomware attack on ERT's systems, which hindered the normal operation of the software and clinical trials [112986]. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident involving the ransomware attack on eResearchTechnology (ERT) was a result of contributing factors that originated from within the system itself. The attack began when employees discovered they were locked out of their data by ransomware, which is a form of cyberattack that encrypts victims' data until a ransom is paid to unlock it [112986]. ERT took its systems offline as a precaution, called in outside cybersecurity experts, and notified the Federal Bureau of Investigation [112986]. The incident impacted various clinical trials, including those related to the development of tests, treatments, and vaccines for the coronavirus [112986].
(b) outside_system: The ransomware attack on ERT, which led to the software failure incident, was caused by contributing factors that originated from outside the system. The attack was carried out by external threat actors who deployed ransomware to lock ERT out of its data and demanded payment for its release [112986]. The attack on ERT was part of a broader trend of ransomware attacks targeting various sectors, including healthcare, research, and critical infrastructure, with the goal of extorting money from the victims [112986]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in Article 112986 was due to non-human actions, specifically a ransomware attack on the Philadelphia company eResearchTechnology. The attack involved locking employees out of their data and holding it hostage until a ransom was paid, impacting clinical trials and forcing researchers to resort to pen and paper tracking [112986].
(b) Additionally, human actions were involved in responding to the software failure incident caused by the ransomware attack. The company took its systems offline as a precaution, called in outside cybersecurity experts, and notified the Federal Bureau of Investigation. The decision-making process regarding whether to pay the extortionists was also a human action in response to the attack [112986]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident reported in the article was not due to hardware issues but rather a ransomware attack on the Philadelphia company eResearchTechnology (ERT) [112986]. The attack involved ransomware that locked employees out of their data, indicating that the contributing factors originated in software vulnerabilities rather than hardware issues. The incident led to the company taking its systems offline, calling in cybersecurity experts, and notifying the FBI to contain the attack.
(b) The software failure incident was directly attributed to a ransomware attack on ERT's systems, indicating that the contributing factors originated in software vulnerabilities [112986]. The ransomware attack held the company's data hostage, impacting the clinical trials that relied on ERT's software. This incident highlights the importance of cybersecurity measures to protect software systems from such attacks. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident reported in the article is malicious in nature, specifically a ransomware attack on eResearchTechnology (ERT) [112986]. The attack involved locking employees out of their data and holding it hostage until a ransom was paid. This type of attack is intentional and aimed at causing harm to the system and disrupting operations. The incident led to the slowdown of clinical trials and forced researchers to resort to pen and paper for tracking patients.
(b) There is no information in the articles to suggest that the software failure incident was non-malicious. |
| Intent (Poor/Accidental Decisions) |
poor_decisions, accidental_decisions |
(a) The software failure incident reported in the article was a result of poor decisions made by the attackers behind the ransomware attack on eResearchTechnology. The attackers made the decision to deploy ransomware, which led to locking out employees from their data and impacting clinical trials, including those related to the coronavirus vaccine development efforts [112986].
(b) Additionally, accidental decisions or unintended consequences were also evident in the software failure incident. The impact of the ransomware attack on ERT led to trial researchers having to resort to tracking patients with pen and paper due to being locked out of their data, which was not the intended or desired outcome of the attack [112986]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident reported in the article was not due to development incompetence but rather a ransomware attack on the Philadelphia company eResearchTechnology [112986].
(b) The software failure incident was accidental in nature as it was caused by a ransomware attack that held victims' data hostage until they paid to unlock it. The attack on eResearchTechnology was described as a ransomware attack that slowed down clinical trials and forced trial researchers to track patients with pen and paper [112986]. |
| Duration |
temporary |
(a) The software failure incident in the article is temporary. The ransomware attack on eResearchTechnology caused a slowdown in clinical trials for two weeks, during which trial researchers had to track patients with pen and paper [112986]. |
| Behaviour |
omission, value, other |
(a) crash: The software failure incident mentioned in the article is related to a ransomware attack on eResearchTechnology (ERT) that resulted in the company's systems being seized, leading to employees being locked out of their data. This incident caused a slowdown in clinical trials, forcing trial researchers to track patients with pen and paper [112986].
(b) omission: The ransomware attack on ERT resulted in trial researchers having to track patients with pen and paper, indicating that the software was omitting to perform its intended functions of data management and tracking during the incident [112986].
(c) timing: The article does not mention any specific instances of the software performing its intended functions too late or too early.
(d) value: The ransomware attack on ERT led to a failure in the system performing its intended functions correctly, as employees were locked out of their data and the attack slowed down clinical trials, impacting the value and efficiency of the software [112986].
(e) byzantine: The article does not mention any inconsistent responses or interactions exhibited by the software during the ransomware attack incident.
(f) other: The software failure incident resulted in trial researchers having to resort to manual tracking methods with pen and paper, showcasing a disruption in the normal functioning of the software beyond just a crash or omission [112986]. |