Cybersecurity cold war is on
But it progressed. Three weeks after the threats, Nigrin identified low-level Distributed Denial of Service attacks in a cat-and-mouse fashion.
“We put a fix in, they hit us a little harder,” he said. “It was quite frustrating. They could tell we were adjusting to their tactics, and they were accommodating those changes and altering their approach.”
Then, on Patriot’s Day Weekend, which in 2014 was also Easter and of course one year after the marathon bombing, Boston Children’s experienced a massive uptick beginning on Friday night.
“We couldn't keep up. They filled our Internet pipe, we had no access,” Nigrin said, explaining that a number of its web sites spanning philanthropy, research, patient and provider portals, as well as Mass Medical and Wayside Youth went down. “At the same time, they hit us with a massive volume of malware-laden emails.”
Nigrin made a gutsy move: intentionally shutting down Boston Children’s email. Without it, he and his staff literally went around on foot to get the word out to employees about what was going on and how critical it was to not fall prey to suspicious emails, social engineering, even odd phone calls, such as the few that came in from a (000) 000-0000 origin with a recorded message saying the employees’ personal bank account had been compromised.
“What happened next is really interesting and goes back to Anonymous,” Nigrin said.
A new posting on Twitter from the handle @YourAnonNews: "To all the “Anons” attacking the CHILDRENS HOSPITAL in the name of Anonymous – IT IS A HOSPITAL: STOP IT."
That Twitter handle had 1.24 million followers at the time — while @AnonMercurial had a grand total of 6.
“The attack, I won’t say immediately, went down to a trickle,” Nigrin explained. “It didn’t go to zero, they must have forgotten to disarm some of the bots, but suffice it to say it was over.”
And Boston Children’s slowly started bringing its externally-facing Web sites back online over three weeks’ time.
Usual suspects
When describing Anonymous as a group of individual hacktivists, Nigrin evoked commonly accepted adjectives such as “loose” and “decentralized.”
Those may be true, but Anonymous has enough gravitas to at least grab international attention when threatening in a YouTube video to launch “a complete assault” against the “virtual government” of those supporting the State of Iraq and Syria, aka ISIS, including Saudi Arabia, Turkey, Qatar, and others.
ISIS, while largely a ground effort, has eked out recognition for the potential to wreak cyber havoc, though few attacks have actually been traced back to the group.
Aetna’s Routh said that Ukraine has “outstanding technical talent in hackers” but most are focused on Russia for the time being. And Chinese hackers, of course, aptly demonstrated with Community Health Systems their interest in attacking American targets.
Perhaps most telling about the Cybersecurity Cold War: Those are just a fraction of the reported cases, leading one to wonder how many more the public does not even know about.
“Back in the day, life was simpler. It was organized crime coming after financial services because that’s where the money was. It was easy to predict the motive and keep up with the changing tactics,” Routh reflected. “What’s happening in the geopolitical space is having a direct impact on the private sector — and it’s also having a direct impact on healthcare.”