⬆️ ⬇️

Large FAQ on the cybersecurity of medical information systems

Analytical review of cybersecurity threats for medical information systems relevant from 2007 to 2017.



- How common are medical information systems in Russia?

- Can you elaborate on the unified public health information system (EGSIZ)?

- Can you elaborate on the technical features of domestic medical information systems?

- What is the situation with the cyber security of the domestic EMIAS system?

- What is the situation with the cybersecurity of medical information systems - in numbers?

- Can computer viruses infect medical equipment?

- How dangerous are extortion viruses for the medical sector?

“If cyber incidents are so dangerous, why should medical device manufacturers computerize their devices?”

- Why did cybercriminals switch from the financial sector and retail stores to medical centers?

- Why did cases of infection with extortion viruses become more frequent in the medical sector and continue to increase?

- Doctors, nurses and patients affected by WannaCry - how did this turn out for them?

- How can cybercriminals harm a plastic surgery clinic?

- The cybercriminal stole a medical card - how does it threaten its rightful owner?

- Why is the theft of medical cards so in-demand?

- How are the thefts of social security numbers related to the falsification industry?

- Today, a lot of talk about the prospects and security of artificial intelligence systems. How is this in the medical sector?

- Did the medical sector learn from the situation with WannaCry?

- How can medical centers ensure cybersecurity?





This review is marked by a letter of thanks from the Ministry of Health of the Russian Federation (see the screen under the spoiler).





How common are medical information systems in Russia?







Can you learn more about the unified public health information system (EGSIZ)?







Can you elaborate on the technical features of domestic medical information systems?







What is the situation with the cyber security of the domestic EMIAS system?







What is the situation with the cybersecurity of medical information systems - in numbers?







Can computer viruses infect medical equipment?







How dangerous are ransomware viruses for the medical sector?







, ?







– ?







- ?







, , WannaCry – ?







How can cybercriminals harm a plastic surgery clinic?







A cybercriminal stole a medical card - how does it threaten its rightful owner?







Why is the theft of medical cards so much in demand?







How are the thefts of social security numbers related to the criminal document fraud industry?







Today there is a lot of talk about the prospects and security of artificial intelligence systems. How is this in the medical sector?







WannaCry?







?





PS Like this article? If yes, put a like. If by the number of likes (let's type 70) I see that Habr's readers have an interest in this topic, I will prepare a sequel after some time, with an overview of even more recent threats to medical information systems.



Bibliography
  1. David Talbot. Computer Viruses Are "Rampant" on Medical Devices in Hospitals // MIT Technology Review (Digital). 2012.
  2. Kristina Grifantini. "Plug and Play" Hospitals // MIT Technology Review (Digital). 2008.
  3. . «» // SecureList. 2017
  4. Tom Simonite. With Hospital Ransomware Infections, the Patients Are at Risk // MIT Technology Review (Digital). 2016..
  5. Sarah Marsh. NHS workers and patients on how cyber-attack has affected them // The Guardian. 2017
  6. Alex Hern. Hackers publish private photos from cosmetic surgery clinic // The Guardian. 2017
  7. Sarunas Cerniauskas. Lithuania: Cybercriminals Blackmail Plastic Surgery Clinic with Stolen Photos // OCCRP: Organized Crime and Corruption Reporting Progect. 2017
  8. Ray Walsh. Naked Plastic Surgery Patient Photos Leaked on Internet // BestVPN. 2017
  9. Adam Levin. Physician Heal Thyself: Are Your Medical Records Safe? // HuffPost. 2016.
  10. Mike Orcutt. Hackers Are Homing In on Hospitals // MIT Technology Review (Digital). 2014.
  11. . 2017. // : - . 2016.
  12. Jim Finkle. Exclusive: FBI warns healthcare sector vulnerable to cyber attacks // Reuters. 2014.
  13. Julia Carrie Wong. Los Angeles hospital returns to faxes and paper charts after cyberattack // The Guardian. 2016.
  14. Mike Orcutt. Hollywood Hospital's Run-In with Ransomware Is Part of an Alarming Trend in Cybercrime // MIT Technology Review (Digital). 2016.
  15. Robert M. Pearl, MD (Harvard). What Health Systems, Hospitals, and Physicians Need to Know About Implementing Electronic Health Records // Harvard Business Review (Digital). 2017
  16. 'Thousands' of known bugs found in pacemaker code // BBC. 2017
  17. Peter Pronovost, MD. Hospitals Are Dramatically Overpaying for Their Technology // Harvard Business Review (Digital). 2017
  18. Rebecca Weintraub, MD (Harvard), Joram Borenstein. 11 Things the Health Care Sector Must Do to Improve Cybersecurity // Harvard Business Review (Digital). 2017
  19. Mohamad Ali. Is Your Company Ready for a Ransomware Attack? // Harvard Business Review (Digital). 2016.
  20. Meetali Kakad, MD, David Westfall Bates, MD. Getting Buy-In for Predictive Analytics in Health Care // Harvard Business Review (Digital). 2017
  21. Michael Gregg. Why Your Medical Records Are No Longer Safe // HuffPost. 2013
  22. Report: Health care leads in data breach incidents in 2017 // SmartBrief. 2017
  23. Matthew Wall, Mark Ward. WannaCry: What can you do to protect your business? // BBC. 2017
  24. More than 1M records exposed so far in 2017 data breaches // BBC. 2017
  25. Alex Hern. Who is to blame for exposing the NHS to cyber-attacks? // The Guardian. 2017
  26. How to Protect Your Networks From Ransomware // FBI. 2017
  27. Data Breach Industry Forecast // Rxperian. 2017
  28. Steven Erlanger, Dan Bilefsky, Sewell Chan. UK Health Service Ignored Warnings for Months // The New York Times. 2017
  29. Windows 7 hardest hit by WannaCry worm // BBC. 2017
  30. Allen Stefanek. Hollwood Pressbyterian Medica Center .
  31. Linda Rosencrance. Synthetic Identity Theft: How Crooks Create a New You // Tom's Guide. 2015.
  32. What is Synthetic Identity Theft and How to Prevent It .
  33. Synthetic Identity Theft .
  34. Steven D'Alfonso. Synthetic Identity Theft: Three Ways Synthetic Identities Are Created // Security Intelligence. 2014.
  35. Will Knight. The Dark Secret at the Heart of AI // MIT Technology Review. 120(3), 2017.
  36. .. - // « ».
  37. // « ».
  38. // « ».
  39. . // « ».
  40. // . 2015.
  41. . // Computerworld . 2012.
  42. . // Computerworld . 2012.
  43. . // . 2016.
  44. . // 2012.
  45. «-» .
  46. .. «» // « ».
  47. () + .
  48. E-Hospital. Official site .
  49. // « ».
  50. IT- ?
  51. () // « ».
  52. // « ».
  53. // « ».
  54. // « ».
  55. .., .. // IT-. 3(4). 2015.
  56. IT : // . 2013
  57. .., .., .. // . 2015.
  58. . // . 2017
  59. . – « » // . 2016.
  60. « »: WannaCry // 2017.
  61. . // . 2017
  62. Erik Bosman, Kaveh Razavi. Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector // Proceedings of the IEEE Symposium on Security and Privacy. 2016. pp. 987-1004.
  63. Bruce Potter. Dirty Little Secrets of Information Security // DEFCON 15. 2007.
  64. . «» - .


')

Source: https://habr.com/ru/post/460361/



All Articles