Tuesday, March 29, 2016

How to hack into a medical center's systems? Note – CIO Latin America

Recent research has shown how easy it is to hack into the network of a clinic. The arrival of the Internet of Things has only increased the weaknesses in information systems and data infrastructure.

A modern clinic is a complicated system. It has sophisticated medical devices that are fully functional computers with an operating system and installed applications. Doctors rely on computers, and all information is stored in digital format. In addition, all health-related technologies are connected to the Internet. It is therefore no surprise that both medical devices and hospital IT infrastructure have previously been targeted by hackers. Kaspersky Lab experts found vulnerabilities in medical devices that opened a door for cybercriminals to gain access to patients' personal data, as well as to their physical well-being.

The most recent examples of such incidents are ransomware attacks on hospitals in the US and Canada. However, a mass malicious attack is just one way in which criminals might take advantage of the IT infrastructure of a modern hospital.

Kaspersky Lab's Global Research and Analysis Team conducted a field investigation in a private clinic with the intention of exploring its security weaknesses and how to resolve them. The reason? Clinics store personal information about their patients. They also own and use very expensive equipment that is difficult to fix and replace, which makes them a potentially valuable target for extortion and data theft.

The result of a successful cyber attack against a medical organization could involve the following:

  • Criminal use of patients' personal data: reselling the information to third parties, or demanding that the clinic pay a ransom to recover sensitive patient information.
  • Deliberate falsification of patient results or diagnoses.
  • Damage to medical equipment, which can cause both physical injury to patients and huge financial losses to a clinic.
  • Negative impact on the reputation of a clinic.

Exposure to the Internet

Modern medical devices are fully functional computers with an operating system, and most of them have an Internet communication channel. By hacking them, criminals could interfere with their functionality. A look at the Shodan search engine for Internet-connected devices showed hundreds of registered devices, from MRI scanners to cardiology equipment, radioactive medical equipment and other related devices. This discovery leads to worrying conclusions: some of these devices still run older operating systems such as Windows XP, with unpatched vulnerabilities, and some even use default passwords that can easily be found in publicly accessible manuals.

By exploiting these vulnerabilities, criminals could gain access to a device's interface and potentially affect the way it works.

Within the clinic's local network

The above scenario was one of the ways in which cybercriminals could access the clinic's critical infrastructure. But the most obvious and logical way is to try to attack its local network. During the investigation, a vulnerability in the clinic's Wi-Fi was discovered. It was possible to enter the local network thanks to a very weak communications protocol.

When exploring the clinic's local network, the Kaspersky Lab expert found some medical equipment that had previously been found on Shodan. This time, however, no password was needed to access the equipment, because the local network was a trusted network for medical applications and user equipment. This is one way in which an attacker can access a medical device.

As the exploration of the network continued, the Kaspersky Lab expert discovered a new vulnerability in a medical device application. A shell was implemented in the user interface that could give cybercriminals access to patients' personal information, including their medical records and information about medical tests, as well as their addresses and identification data. Moreover, through this vulnerability the entire device controlled by this application could be compromised. For example, these devices could include MRI scanners, cardiology equipment, and radioactive and surgical equipment. First, criminals could alter the way the device works and cause bodily harm to patients. Second, criminals could damage the device itself at a huge cost to the hospital.

“Clinics are no longer just doctors and medical equipment, but also IT services. The work of the internal security services of a clinic affects the security of patient data and the functionality of its devices. Software and medical equipment engineers put a lot of effort into creating a useful medical device that will store and protect human life, but sometimes they completely forget to protect it against unauthorized external access. When it comes to new technologies, security issues must be addressed in the first stage of research and development. IT security companies could help at this stage to address security issues,” says Sergey Lozhkin, Senior Researcher at Kaspersky Lab.

Experts recommend applying the following measures to protect clinics from unauthorized access:

  • Use secure passwords to protect all external connection points.
  • Update IT security policies, and carry out vulnerability assessments and timely patch management.
  • Protect medical equipment applications in the local network with passwords, in case of unauthorized access to the trusted zone.
  • Protect infrastructure against threats such as malware and hacker attacks with a reliable security solution.
  • Make regular backups of critical data and keep a backup copy offline.
