Information protection in the health care sector
The 5th "Information Security in Healthcare" conference took place on 6 June 2019. The event in Rotkreuz ZG was aimed at information managers in the healthcare sector. Keynote speeches, streams and panels provided specialists with the necessary knowledge about information security in an increasingly digitally connected world.
What it means for continuity management in the healthcare sector when departmental computers or medical equipment can be attacked at any hour was once again demonstrated at the 5th "Information Security in Healthcare" conference.
Unlike the ransomware and WannaCry attacks that kept end users and enterprises around the world on edge in 2017 (see May 2017 MQ and the post "WannaCry attack - no sigh of relief yet"), 2018 saw fewer all-encompassing outbreaks, with the exception of the Emotet malware.
When viruses like Emotet circulate
In November 2018, for example, a clinic in Fürstenfeldbruck, Bavaria, was completely "frozen" by the Emotet virus. The clinic had to manage without computers and ambulances had to be sent to other hospitals.
As we learned right at the beginning of the conference, a different, more perfidious form of malware now dominates the scene. It tends to creep up on the integrity of a healthcare facility as a whole, and can sometimes block the entire operation.
Malware authors focused their attention on hospitals, especially in the second half of 2018, mainly because these targets promised higher profits. Detections of malware targeting enterprises rose significantly compared to the previous year, by 79 percent to be precise.
This is mainly due to the increase in backdoor attacks, miners, spyware and information theft, which specifically includes health data.
The year 2018 saw a shift in ransomware attack techniques. Instead of the classic approach of using malvertising exploits to provide entry points for ransomware, threat actors conducted targeted, manual attacks.
Improve current information sovereignty
It is very complex not only to detect damage, but also to clearly regulate the responsibilities of those responsible for information. Dr. Eric Dubuis, Professor of Informatics at the Bern University of Applied Sciences, pointed out that not only hospital managers and doctors, but also pharmacists, affiliated admin service providers and even laboratory employees can be infected with malware and spied on.
In the individual conference streams, a great deal was learned about the status quo of the medical industry. For example, Chris Berger, UMB AG, pointed out certain gaps in the industry: "Swiss healthcare is only 20 percent digitalized, if a recent study by digital.swiss is anything to go by."
The conference participants agreed that personal data requiring special protection must be adequately protected and digitally encrypted.
Self-contained systems such as the electronic patient dossier are gradually making healthcare providers and patients more aware of how clinical pictures or treatment steps are released. From 2020, this will promote closer networking between the various service providers and support a holistic view of patients' health.
Problem: Private apps like WhatsApp
However, there is a tendency for more and more users to share content not only via office computers, but also via social engineering offerings, e.g. via communication apps. This is where professionals could be "tapped" for personal data. WhatsApp, for example, was hacked globally as recently as May 2019.
Are the hospital service providers informed about all their (work) equipment linked to the network? In the event of a failure of medical equipment, comprehensive organisational measures - with additional staff deployment - would immediately become necessary in order to be able to continue operations.
Digitalisation and the resulting innovations support improvements and increase efficiency in healthcare. However, the electronic recording, transmission, processing and interpretation of healthcare data would not be granted in the same way everywhere, experts said in conclusion at the "Information Security in Healthcare" conference.