2. Honeynet mission
To learn the tools, tactics and motives involved in
computer and network attacks, and share the
lessons learned.
Outline:
eHealth attack: motives, tactics, tools.
3. What is eHealth?
http://www.who.int/trade/glossary/story021/en/
E-health is the transfer of health resources and health care by
electronic means. It encompasses three main areas:
The delivery of health information, for health professionals and
health consumers, through the Internet and
telecommunications.
Using the power of IT and e-commerce to improve public health
services, e.g. through the education and training of health
workers.
The use of e-commerce and e-business practices in health
systems management.
4. eHealth - The Future of Healthcare
The banking metaphor
Most transactions carried out
by the customer
Centralisation of specialist
services
Decentralisation of non-
specialist services
5. Existing Health on the Web
Estimated to be ~20,000 health websites
Used by 98 million adults
75% of people who have web access
average of 3.3 times per month
More people than consult doctors each day
7M e-patients/day on the net; 2-3M patients see a doctor
6. Existing Health on the Web
Access to accurate information can lead to
more knowledgeable, empowered, less anxious
patients
more participatory health decisions
better care as patient and doctor become
partners
Mis-information can lead to
confused and angry patients
bad decisions, mis-placed hope, worse care,
harm
Privacy violations can cause emotional and
economic damage
7. eHealth
“Healthcare which is supported by electronic
processes”
Other terms:
– Healthcare informatics or Health Information
Technology (HIT)
– Medical Information Systems (MIS)
– Biomedical informatics (also includes Bioinformatics:
gene sequencing etc.)
8. eHealth includes:
Electronic Medical Records: easy communication of patient data between different
healthcare professionals (GPs, specialists, care team, pharmacy)
Telemedicine: do not require a patient and specialist in same physical location.
Decision support systems in healthcare
Data can be analysed to provide alerts, reminders and real-time decision aids
Evidence Based Medicine:
The application of the scientific method to medical practice
Check if diagnosis is in line with scientific research.
Data can be kept up-to-date.
Citizen-oriented Information Provision: for both healthy individuals and patients
Specialist-oriented Information Provision: best practice guidelines from latest
medical journals.
Virtual healthcare teams: collaborate and share information on patients through
digital equipment (for transmural care).
9. Transmural Care
Transmural: Care should not stop at the walls of the hospital
– Both intra- and extra-mural, thus ‘transmural care’.
– Care before, during and after the hospital stay.
– Cooperation and coordination among local practitioner,
hospital, home care and rehabilitation centres
– Patient part of an agreed programme - protocols and
standards.
10. Medical Errors
Human Errors:
IOM Report, 1999
44,000 to 98,000 die in US annually from medical
errors
at 44,000, would rank as 8th leading cause of
death
car accidents: 43,458
breast cancer: 42,297
AIDS: 16,516
7000 deaths from medication errors alone
12. Data Breaches by Sector in 2012
Symantec: Internet Security Threat Report
2013 :: Volume 18
13. Threats
Hospital management (CEO) does not fully understand
information security risks or how to manage and
handle them.
It is hard to find talented professionals in the field of
information security.
Insiders who intentionally or unintentionally
leak personal and confidential
information.
14. Threats (continued)
Hacktivists
Crime as a Service (CaaS)
Information leaks
BYOD (bring your own device)
BYOC (bring your own cloud)
Government regulation on
hospital information security
Big Data
16. Motives
1. Personal financial gain
Blackmail, competitive advantage, lawsuit, career advancement,
corruption of clinical trials or research results, divert valuable assets
2. Revenge
Denied advancement, perceived wrong, ideological redress (common
occurrences from a potentially disgruntled employee; higher probability
than most other sources of threat to an agency's information,
information technology infrastructure, and/or physical facilities)
3. Curiosity and thrill seeking
Non-malicious hacker, desire to be an insider, “how does it work”
reasons, gain access
4. Intellectual challenge, learning, need for acceptance and respect
Malicious and non-malicious hackers, destroy databases, take control
5. Personal evidence
Cover a crime, cover a mistake, insider and external information
destruction
17. Motives
6. Institutional evidence
Cover crime, cover bad decisions, cover misadventures, change clinical
trials or research results, intimidate personnel
7. Perceived moral or idealism purpose
Religious, cultural and philosophical radicals, demonstrate ideological or
religious causes, labor unrest, domestic and foreign cultural agitation,
“Robin Hood” motives
8. Military and national intelligence
Information on readiness, composition and disposition of units, status
and intent of forces, impact readiness through destruction of capability
9. Political and economic intelligence
Gain information on individuals, gain advantage in international
negotiations, obtain research and other valuable technical information
that would be too expensive to develop by oneself or in failing block,
keys, etc.
18. Motives
10. Business intelligence
Competitive advantage, trade secrets entrusted to government, illegally
obtain product specifications or research content and results, illegally
obtain data to conduct research
11. Terror
Create life threatening situations, destroy care capability, weaken
culture and values
12. Ignorance
Intruders may be unaware that actions are illegal and punishable,
consultants obtaining unauthorized password block, keys, etc.
20. Tactics
Stolen devices (laptop, flash disk, hard disk, etc.)
Sniffing the network
Social engineering
Trojan Horse: A program that, unknown to the user,
contains instructions that exploit a known vulnerability in
some software.
Back Doors: In case the original entry point has been
detected, having a few hidden ways back makes reentry
easy and difficult to detect.
Malicious Applets: Tiny programs, sometimes written in the
popular Java programming language, that misuse your
computer's resources, modify files on the hard disk, send
fake e-mail, or steal passwords.
22. Conclusion
To secure eHealth:
a raised level of awareness,
shared responsibility, constant risk assessment and
testing procedures,
the management of identified risks,
and finally the most difficult issue of implementing truly
comprehensive and steadfast legal and enforcement
mechanisms
It is important to apply Cyber Hygiene to all
employees and medical staff in the hospital
23. Q & A
Health IT Security
Forum
www.healthitsecurity.org
lookus@gmail.com
hadisyahrial@gmail.com