![\"computer-security-criminal\"](\"https:\/\/i0.wp.com\/angry.net\/blog2\/wp-content\/uploads\/2015\/02\/computer-security-criminal.jpg\")
<\/a><\/p>\n<\/p>\n
This does have benefits from a record keeping and billing point of view, but it does have a few negatives, one being the massive target for hackers and identity thieves. These records are on networks, and usually, they won\u2019t be air gapped networks<\/a>. Now we\u2019re seeing attacks against these networks increasing geometrically. Here are a few details on the problems from The Washington Post<\/a>:<\/p>\n The cyberattack on MedStar Health \u2014 one of the biggest health-care systems in the Washington region \u2014 is a foreboding sign that an industry racing to digitize patient records and services faces a new kind of security threat that it is ill-prepared to handle, security experts and hospital officials say. <\/b><\/p>\n For years, hospitals and the health care industry have been focused on keeping patient data from falling into the wrong hands. But the recent attacks at MedStar<\/a> and other hospitals across the country highlight an even more frightening downside of security breaches: As hospitals have become dependent on electronic systems to coordinate care, communicate critical health data and avoid medication errors, patients\u2019 well-being may also be at stake when hackers strike. <\/b><\/p>\n What this means is, it won\u2019t be having your records stolen, as has happened with health insurance companies such as Aetna, but actual records being altered and someone being given the wrong medications or treatments.<\/p>\n Hospitals are used to chasing the latest medical innovations, but they are rapidly learning that caring for sick people also means protecting their medical records and technology systems against hackers. An industry that has traditionally spent a small fraction of its budget on cyberdefense is finding it must also teach doctors and nurses not to click on suspicious links and shore up its technical systems against hackers armed with an ever-evolving set of tools. <\/b><\/p>\n I recently worked in the medical industry on a contract. The business entity was converting to a new electronic system. While I was there, something was found on a server that threw a major scare into the business. We were lucky that the system in question was due to be retired, and only had limited access to the new patient records. (Actually none at all, which was why it was scheduled for decommissioning) The business was just starting to get serious about their network security, but was having some serious pushback from the medical staff. Not surprising since their first thought is for their patients and not dealing with security.<\/p>\n In some ways, health care is an easy target: Its security systems tend to be less mature than those of other industries, such as banking and tech, and its doctors and nurses depend on data to perform time-sensitive, life-saving work.<\/b><\/p>\n Another issue is money. Ramping up a full bore network security system is not cheap, especially after spending hundreds of millions of dollars on a new record keeping infrastructure.<\/p>\n Where a financial-services firm might spend a third of its budget on information technology, hospitals spend only about 2 to 3 percent, said John Halamka, the chief information officer of Beth Israel Deaconess Medical Center in Boston. <\/b><\/p>\n \u201cIf you\u2019re a hacker… would you go to Fidelity or an underfunded hospital?\u201d Halamka said. \u201cYou\u2019re going to go where the money is and the safe is easiest to open.\u201d <\/b><\/p>\n Good luck breaking into Fidelity. Their cyber security people are top notch and very well paid. Hospitals, unlike banks and other financial institutions, aren\u2019t rolling in money. Most medical centers are Not For Profits, and don\u2019t have piles of money sitting around to use on network security systems. They would rather hire a new doctor or nurse, buy a new MRI machine or other medical device than spend it on new computers.<\/p>\n Because of the problems of getting medical and administrative people to think about cyber-security, hospitals are now getting hacked. The usual means is someone who isn\u2019t paying attention, clicking on a link and installing some form of malware on a system inside a hospital network. When this happens, hackers can start nosing around, looking for root and administrative access to all the systems. Once they get that, they can do anything. In the case of MedStar, it was flat out extortion.<\/p>\n MedStar spokeswoman Ann Nickels declined to elaborate on what sort of software attack the hospital suffered, but several employees have said they saw a pop-up message suggesting it was \u201cransomware\u201d — a kind of software that can lock people out of systems until they make a bitcoin payment. According to a photo of that message provided by a MedStar Southern Maryland Hospital Center employee, the hackers were demanding 45 bitcoins \u2014 equivalent to about $19,000 — to restore access to MedStar\u2019s system. <\/b><\/p>\n \u201cYou just have 10 days to send us the Bitcoin,\u201d the note read. \u201cAfter 10 days we will remove your private key and it\u2019s impossible to recover your files.\u201d <\/b><\/p>\n These sorts of attacks are usually initiated from overseas, making it difficult to deal with the hackers even if they are identified. In MedStar\u2019s case, they didn\u2019t pay and instead recovered their systems. Under a worst case scenario, people could have died because the doctors and nurses couldn\u2019t get the information they would need to treat them. This is one reason why paper records are still used, even if only in the short term.<\/p>\n The fact that some hackers decided to sabotage a hospital and put people\u2019s lives at risk suggests to me that they aren\u2019t really thinking down the road. Most of these hackers have really big egos, and they think they can get away with their actions. Recent prosecutions haven\u2019t dissuaded them. Of course, they might go after a hospital in a country that won\u2019t bother with things like their rights.<\/p>\n If they track down one or more of these people, well, let\u2019s just say that they will be questioned in ways that make waterboarding look like a new way to wash their faces. Basically, the pliers and blades would come out and fingernails would come off. Once the \u201cquestioners\u201d had the answers they wanted, said hacker would probably just be shot and the body disposed of. I wouldn\u2019t be surprised if it ended up on YouTube as an example of what would happen to the next person who broke into a hospital and caused the death of an Important person. For all I know, it\u2019s already happened.<\/p>\n Experts said the current attacks seem to be based in Eastern Europe, although it is hard to tell whether one group alone is responsible. The hacks have similarities, to be sure, but hackers trade tools and information. One concern is that as the attacks gain more news coverage, they will inspire more copycats who will use the same technique to target other vulnerable networks.<\/b><\/p>\n Eastern Europe is hard for law enforcement officials to get things done. The Eastern Europeans don\u2019t take this sort of crime as seriously as they do others, such ad drugs and terrorism. The hackers may think they are safe and secure in their anonymity, but I wonder just how anonymous they really are. I have no doubt that intelligence services from all around the world have identified a number of these people.<\/p>\n Now for some due diligence. I have a personal stake in this. My insurance company was hacked and my information stolen. It\u2019s believed that this was a national intelligence service that did this, since there was a follow up break in at the Office of Personnel Management, and all their records were stolen as well. No damage seems to have been done, although I think my records were altered.<\/p>\n My insurance didn\u2019t list the former Mrs. Webmaster when I went in to check things during our breakup. I know that she was listed on the account when I set it up. In our case, things worked out, well, in the sense that no damage was done that would have required medical treatment for the former Mrs. Webmaster, but if things had been different, lawyers would have been involved.<\/p>\n Cyber Security is a major issue. The Financial Industry has been taking it seriously for a long time. Now, the medical industry is going to have to get serious as well, and it\u2019s going to cost a lot of money. Do I have any answers on how to do all this? No, but I do know that a \u201cOne size fits all, Top Down\u201d approach won\u2019t work. For now, doctors, nurses and others in the Medical field will just have to be very careful and security groups will have to do things like strip out external links and attachments in email.<\/p>\n Thatisall<\/p>\n ~The Angry Webmaster~<\/b><\/i><\/p>\n [yasr_visitor_votes size=”medium”]<\/p>\n","protected":false},"excerpt":{"rendered":" Not really I’m afraid. Good day all. For the past few years, under pressure from the Obama Regime, hospitals and doctors offices have been putting all their records into electronic form, and moving away from paper files. Continue reading <\/a><\/p>\n<\/a><\/p>\n