1 / 16

Today and Future Healthcare Information Security Threats

Today and Future Healthcare Information Security Threats. นายแพทย์ สุธี ทุวิรัตน์ CISA. Agenda. Healthcare Information Security & Public Safety. Wireless Vulnerabilities.

Download Presentation

Today and Future Healthcare Information Security Threats

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.


Presentation Transcript

  1. Today and Future Healthcare Information Security Threats นายแพทย์ สุธี ทุวิรัตน์ CISA

  2. Agenda • Healthcare Information Security & Public Safety

  3. Wireless Vulnerabilities • The Mail surveyed 12 hospitals in the South-East. In seven we were able to pick up wireless signals that could be easily accessed without a password. • They were the London hospitals Guy's, St George's and St Mary's; Kent and Sussex Hospital, in Tunbridge Wells; St Helier Hospital, in Surrey; Wexham Park Hospital, in Berkshire; and Wycombe General Hospital, in High Wycombe.

  4. Hacker breaches San Diego hospital • A San Diego medical center is warning patients that a hacker may have accessed their personal information.

  5. Attack On A Liverpool Hospital  • In 1994 a hacker hacked into a Liverpool hospital and changed the medical prescriptions for patients. • A nine-year-old patient who was prescribed a highly toxic mixture survived only because a nurse decided to re-check his prescription. • The hacker's stated motive was, he wanted to know what kind of chaos could be caused by penetrating the hospital computer.

  6. Nurse-Hacker alter Prescription • The judge found Rymer guilty and sentenced him to a year in jail. And the hospital’s executive nurse said “tighter computer security” was implemented to ensure this did not happen again. Nurse-hacker Alters Hospital Prescriptions, supra.

  7. Attack On Northwest Hospital in Seattle • Christopher Maxwell A 20-year-old California hacker was sentenced to 37 months in federal prison for creating a virus that jeopardized patients at Northwest Hospital in Seattle, damaged computers at U.S. military installations worldwide and affected thousands of others. • Investigators have identified 441,000 computer systems hacked by Maxwell's robot virus, including 104 country domains, 276 ".net" domains, 128 ".com" domains, and 28 ".edu" domains.

  8. Northwest Hospital was hit on Jan. 9, 2005. • The hospital's surgical, patient financing, information management, diagnostic imaging and laboratory systems were affected. • Operating room doors wouldn't open, doctors' pagers didn't work, and computers in the intensive-care unit shut down.

  9. The hospital switched to its disaster plan, and used runners to move medical records and lab test results. Elective medical procedures had to be rescheduled. • Luckily no patients were harmed.

  10. Attack on Chicago Hospitals • June 14, 2007 James C. Brewer of Arlington, Texas was indicted on charges of infecting more than 10,000 computers globally with a bot, including two Chicago-area hospitals operated by the Bureau of Health Services in Cook County, Ill.The computers at the two hospitals repeatedly froze or rebooted from October to December, resulting in delayed medical services. Brewer was released on a $4,500 bond.

  11. Lasik Surgery • The U. S. Food and Drug Administration issued warning letters to 17 Lasik vision-correction ambulatory surgical centers after inadequate reporting systems were found during an inspection.

  12. Identity Fraud Scam • An employee at Johns Hopkins Hospital in Baltimore may have intentionally leaked the personal information of more than 10,000 patients, according to Dark Reading. • The hospital is offering credit monitoring and fraud resolution services, as well as US$30,000 in identity theft reimbursements to the 31 victims. It has also notified the other 10,000 patients whose records were in the database.

  13. Implanted Medical Devices • At least 100,000 patients in the US have some sort of implanted device that reduce medical visits by sending information on a patient to a monitor that then sends the data to a doctor. • These devices might be vulnerable to hackers. • A team of researchers found that they were able to gain wireless control of a combination heart defibrillator and pacemaker.

  14. Implanted Medical Devices • They could reprogram it to shut down, and to deliver jolts of electricity that would potentially be fatal. • They also were able to gather personal patient data.

  15. Hacker Attack Epilepsy Forum • Hacker user Java Script and Flash animations

  16. HVAC System Compromised by Hacker • McGraw's immediate actions could have allowed him to shut down the HVAC system at a Dallas building which contains the Carrell Clinicorthopedics facility and North Central Surgical Center. A loss of air-conditioning in the hot Texas weather could have threatened the safety of patients, staff members, and visitors. McGraw "did jeopardize [the HVAC] system," Colvin said. "It's frightening."

More Related