The hospital system was hacked and attacked again. On February 6, according to the "medical think tank" news, a public hospital system in Shanghai was hacked, and hackers extorted 200 million yuan of Ethereum.
Why are hackers interested in hospital data?
The behavior of hackers is hard to understand, and no one knows who is the next one. Why do hackers prefer medical data?
Medical data is different. When we go to the hospital to see a doctor, we often reveal key information such as social security account number, personal financial information, claim data and clinical data. Through the patchwork of these information, hackers can draw a complete picture. The personal information map comes. In the black market, if the information can make the criminals invade the personal bank account, it is normal for the information to sell for a few hundred dollars.
On the other hand, Dave Kennedy, chief executive of information security company TrustedSEC LLC, said, “The hospital's security system is very weak, so it is also the most vulnerable to hacking and getting a lot of patient information.†This information includes the patient's Name, birthday, policy number, diagnosis, and billing information. The fraud group will use this information to create fake ID cards for the purchase of medical devices or drugs, and ultimately to resell.
In addition to internal and external, hacker attacks in foreign hospital systems are more common.
In February 2016, the system of a medical center in Hollywood was hacked and shut down its internal computer system for a week. In order to be able to work as soon as possible, the hospital paid 40 bitcoin (valued at about 17,000 US dollars), and the system was able to return to normal.
In May 2017, a plastic surgery hospital system in Lithuania was hacked. The hacker asks for a ransom for clients who have undergone cosmetic surgery at this hospital (from Germany, Denmark, the UK, Norway, and other European countries), otherwise the customer's personal information will be disclosed. The report said that more than 25,000 personal privacy photos and information were leaked.
On May 12, 2017, the British NHS, a member of the universal health care system, suffered a number of medical institutions. The computer system of many public medical institutions has been “smashed†and it is impossible to access case information, appointment information and internal telephone and email systems. It is understood that many computer screens pop up a dialog box. The information in the dialog box says that all the data, photos, videos and other files in the computer have been encrypted. Only the equivalent of $300 bitcoin is paid to a "wallet." "The link can recover the data; if the payment is not completed within seven days, all data on the attacked computer will be permanently lost. On the same day, the systems of many medical institutions were disturbed, the appointment information and the internal system of the hospital were paralyzed, and many patients were forced to cancel their appointments and even surgery.
The hacker is not dead, what preparations should the hospital CIO do?
As the first basic law in China to comprehensively regulate cyberspace security management, the "Network Security Law of the People's Republic of China" (hereinafter referred to as the "Network Security Law") was officially implemented on June 1, 2017, and its implementation marks China. Since then, network security has been law-abiding. Cyberspace governance, network information dissemination order regulation, and cybercrime punishment are about to open a new page. At the same time, it has far-reaching and significant significance for safeguarding China's network security and safeguarding the overall security of the country. The "Network Security Law" plays an important role in protecting the public interest of the society, protecting the legitimate rights and interests of citizens, and promoting the healthy development of economic and social information.
So for CIOs, cybersecurity is a topic that cannot be avoided and must be taken seriously. It is necessary to have a correct understanding of the mind and a good working method. Since the cybersecurity issue has been clearly positioned at the strategic level, the information department should look at "cybersecurity" from a strategic perspective, rather than treating it as a "technical issue" in the field of informatization construction. For CIOs, they need to properly protect and maintain their systems, and they may face criminal accountability in the event of a cyberattack.
From the perspective of medical information security, it is also required to establish and improve the network security monitoring and early warning and information notification system, establish a network emergency work mechanism, and formulate emergency plans. Major emergencies are equivalent to medical accidents, and the economic losses and social impacts will be Unpredictable.
Article 33 of the "Network Security Law" shall establish a key information infrastructure to ensure that it has the performance to support stable and continuous operation of the business, and to ensure that safety technology measures are simultaneously planned, synchronized, and used simultaneously. According to the three-synchronization principle of the "Network Security Law", under the current circumstances, the focus of the information department's work is not only on system construction, but also on the operational status and operation and maintenance capabilities of the built-in system or under construction. I am afraid this is more closely related to "self-security." In addition, as far as "cyber security" is concerned, the information department is undoubtedly the main force. However, in order to win this war and survive in the battle, the main force must not fight alone, and must maintain good and effective communication and cooperation with leaders, medical personnel, and professional companies.
We are the supplier of high quality 100% recycled fabric Change Robe, waterproof change robe, long sleeve Adult Change Robe. Warm Change robe.
Waterproof Dry robe features:
1. 100% waterproof
2. High quality 100% recycled nylon fabric
3. big change space
4. YKK Zip
Sample with customized design and logo are available.
Welcome to discuss the details.
Waterproof Change Robe,Waterproof Change Robe,Surfing Change Robe,Swimming Change Robe
Suzhou Golden Gamrnet MFG Co.,Ltd , https://www.suzhoumfg.com