Abstract
Information technology has become an integral part of any organization in
the modern era of globalization. Organizations that have failed to use IT
properly for their benefit have either declined or are in a very unproductive
stage. Implementing IT also brings some dangers, which must be dealt with
efficiently and responsibly. This efficiency comes with adequate
knowledge of the nuances of the IT industry and of the main drawbacks or
problems of the system. In this case study, Sunnylake Hospital has
been attacked by intruders, and Sunnylake's electronic medical records
(EMR) system, which had greatly helped Sunnylake improve its performance in
dealing with patients' information, has been attacked by hackers. The CEO of
Sunnylake Hospital, Paul, received the blackmail continuously and is facing a
mind-boggling and annoying situation. With respect to this issue in the case,
this report will discuss suggestions for dealing with the attack and offer some
recommendations to Sunnylake in addition to the three pieces of advice
given by the experts in the case.
The Case
Sunnylake Hospital started as a community center with a vision of helping
people cure their diseases. Paul Layman, the CEO of Sunnylake Hospital,
had joined the organization five years earlier with a vision of bringing
cutting-edge technology to the community center to build it into a hospital
that is sought after by the people. Paul implemented electronic medical
records (EMR), which replaced the traditional way of prescribing and checking
patients' records on paper by converting them into digital data. One
day, an email from an anonymous person stating the fault in the organization's
security systems was found in Paul Layman's inbox.
However, Paul, having full faith in his IT department and its director of IT,
Jacob Dale, ignored the message and did not give it serious thought.
But at the start of the next week it was found that the complete EMR
system had been hacked and no one could access the data related to
patients. Jacob and his team of IT people tried to bring back the data;
however, they were hacked again and again. There is a $100,000 demand from
the hackers, which would bring the system back to normal.
Findings from this case
The following facts were recorded from the case study regarding the
implementation and maintenance of the system, which can influence the way
out of the distress that Sunnylake Hospital is in.
Though the IT system of Sunnylake was one of a kind and they were
pioneers in implementing it, they never gave a thought to
the security of their data. The security perspective
on data has changed in the last few years, and so have
the methods used to infiltrate it.
Paul had too much trust in the IT department, which made it
too overconfident to look out for any discrepancies in the system; this
also led to the attack.
They had a backup of the data, which could be accessed through the
EMR only. During any emergency other than hacking, such as service
failures and other factors, it would be impossible to retrieve that data.
They should have built a physical backup in the form of flash drives or
documents that can be accessed easily.
The usage of the EMR was restricted to authorized personnel only, but
it was vulnerable to infiltration, as a number of people objected to the
implementation of the EMR. They should have built a strong
identification system for using the EMR.
Out of all the mistakes, two points matched exactly what we
had learned in the lecture. They can be categorized as technical and human
factors. Sunnylake faced the situation when someone was downloading
antivirus or uploading an existing application; this is the human factor. It
seems that the IT department does not have efficient security tools for
restricting the execution of bugged software without the approval of an IT
administrator, and it does not have an updated or upgraded security system;
this is the technical factor.
Security plans for the future include implementation of strict
security policies, installation of a network-based infection detection system,
limited access for users, blocking potentially dangerous ports and
websites, email filtration, isolating the intranet from the Internet, upgrading
the system with trained IT security professionals, and training the staff.
There are also some good points that can be taken from the lecture notes. For
example, critical information should have an individual owner.
Information security should be included in staff agreements, so that no one
can be careless about executing bugged software. User validation,
restriction, and security awareness can greatly reduce IS misuse and
promote a secure environment.
A strong firewall system needs to be built to secure the data from
infiltration. We know from the case that although the IT department
was able to restore the system, it was hacked again, which implies the
absence of a strong firewall system. More awareness is required on the EMR front,
as it is evident that the hackers were able to enter the system through some
applications that the users used. A review committee needs to be formed to check
for any problems and suggest solutions. The committee should have
third-party representatives to provide a neutral view.
A physical backup of sensitive data, such as detailed studies and past records
of the patients and their medical background, should be kept in hard copies and
also on flash drives, so that if an emergency occurs it will not affect the day-to-day
operations of the hospital to a great extent. The hospital is bound to
seriously reconsider the security question from the viewpoint of initiative defense,
mainly the security technology.
Since people's lives are involved, there is a necessity for redundancy of
backup and a disaster recovery plan in case of emergencies, which can
minimize the downtime and bring the hospital back into business.
Make full use of anti-spam technology and implement it strictly
For Sunnylake Hospital, it is wise to enhance security awareness and, to the
maximum extent possible, avoid the disclosure of e-mail addresses.
Those behind unwanted and malicious traffic have often been mislabeled by the
media as hackers. A more correct term for them would be crackers.
According to NISER, a hacker is defined as an individual who has a strong
interest in the workings of any computer and will not damage the system.
There are some hackers who have strayed away from this code and are
commonly called black hat hackers. A cracker, however, breaks into systems,
usually using someone else's code, and inflicts damage and defacement on
the site. Together these two groups cause a company much grief and cost
it a lot of time and money. A classic example of this is when several
international sites belonging to Microsoft.com were hacked. Initially, there
did not seem to have been any damage to the sites, but when further
research was done it was found that certain source code had been viewed and
possibly copied. Source code is the basic building block of computer
applications, and it tells the computer how the program is to function.
It is also noted that Microsoft not only has a problem with hackers seeing
its source code, but also with crackers defacing many of its overseas
sites. According to results found on Alldas.org, Microsoft has been defaced on at least
thirty-six separate occasions. Also according to these results, there were
twenty-two different attackers. This means that some of the attackers
hacked into Microsoft on several different occasions and in several different
locations. The dates of these attacks range from January 7, 2001 until March
30, 2002. By these statistics, it seems the hacks are still taking place. This
proves that if a giant corporation like Microsoft could be hacked while
spending millions of dollars each year on security, it could happen to anyone.
One cannot assume that this was due to a lack of preventative maintenance
on the part of Microsoft.com. No Internet-based company will ever be 100%
secure. This is because a hacker or cracker only needs to send an alluring
email containing a well-disguised virus to an employee inside the company.
When the email is opened, the virus is automatically placed in the system.
Anti-virus software can only find viruses by locating signatures of older
viruses. All an attacker has to do is slightly modify the signature to get
through. Microsoft learned the following six lessons, which could be taken up by
other companies such as Sunnylake in order to prevent such numerous
attacks:
1. Offsite computers must be secure, with a personal firewall and up-to-date
anti-virus scanner software.
2. External passwords must be kept secure.
3. Proactive review of network logs.
Internal misuse: DLP software is also critical for ensuring sensitive data does
not leave the environment. It is alleged that internal employees were paid to
send emergency room records to outside vendors, such as lawyer referral
services and chiropractors. Sensitive data was being sent from corporate email
addresses to personal email accounts between the hours of 4 and 6 p.m.
These same documents were then coming back into the environment
between 8 and 11 p.m., from the employees' personal emails to their corporate emails.
Upon investigation, the client found that employees were doing this to avoid
having to use the virtual private network (VPN) to connect to the environment. Their intentions
were good, trying to get work done at home, but this was clearly a misuse of
sensitive data. DLP software can be leveraged to help protect against both
intentional and unintentional misuse of data. It can be configured to monitor
various types of user actions, such as sending data via email, uploading it to
a website, copying it to a USB stick, sending it via instant message or even
printing.
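The mail pattern described above can be checked for in mail-gateway records. The following detection logic is an added example, not part of the original report; the log format, the `sunnylake.example` domain and the 12-hour window are assumptions, and the sample records are constructed. It generalizes the 4 to 6 p.m. and 8 to 11 p.m. case to any attachment that leaves for an external address and later returns from it.

```python
from datetime import datetime, timedelta

CORP_DOMAIN = "sunnylake.example"   # assumed corporate mail domain (placeholder)
MAX_GAP = timedelta(hours=12)       # assumed window for a same-evening round trip

# Constructed mail-gateway records: time, sender, recipient, attachment digest
SAMPLE_LOG = """\
2024-03-04T16:42:10 nurse.a@sunnylake.example nurse.a.home@mail.example att=9f2c01
2024-03-04T17:05:33 clerk.b@sunnylake.example vendor@partner.example att=77aa10
2024-03-04T21:18:47 nurse.a.home@mail.example nurse.a@sunnylake.example att=9f2c01
2024-03-04T22:02:05 newsletter@news.example clerk.b@sunnylake.example att=-
"""

def is_corp(addr):
    return addr.lower().endswith("@" + CORP_DOMAIN)

def parse(log):
    """Yield (time, sender, recipient, digest) for each non-empty record."""
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, sender, rcpt, att = line.split()
        yield datetime.fromisoformat(ts), sender, rcpt, att.split("=", 1)[1]

def find_round_trips(log):
    """Return (corp_user, external_addr, digest, out_time, back_time) per round trip."""
    outbound = {}   # (corp, external, digest) -> time the file first left
    hits = []
    for ts, sender, rcpt, digest in sorted(parse(log)):
        if digest == "-":                       # message without attachment
            continue
        if is_corp(sender) and not is_corp(rcpt):
            outbound.setdefault((sender, rcpt, digest), ts)
        elif is_corp(rcpt) and not is_corp(sender):
            left = outbound.get((rcpt, sender, digest))
            if left is not None and ts - left <= MAX_GAP:
                hits.append((rcpt, sender, digest, left, ts))
    return hits

def outbound_only(log):
    """Attachments sent to external addresses that never came back: review as possible leaks."""
    returned = {(c, e, d) for c, e, d, _, _ in find_round_trips(log)}
    return sorted({(s, r, d) for _, s, r, d in parse(log)
                   if d != "-" and is_corp(s) and not is_corp(r)
                   and (s, r, d) not in returned})

if __name__ == "__main__":
    for hit in find_round_trips(SAMPLE_LOG):
        print("round trip:", *hit)
    for item in outbound_only(SAMPLE_LOG):
        print("outbound only:", *item)
```

Round trips point to the work-from-home shortcut the report describes, while outbound-only attachments are the ones to review against the paid-disclosure scenario.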
Advanced hacking threats
The traditional defense in depth approach to protecting healthcare
organizations is not working. More advanced tools and processes need to be
in place to better identify and monitor these advanced attacks. Full packet
capture tools fused with external threat intelligence can help identify attacks
as they occur on the network in real time. These tools can help you better
detect possible malicious activity on your network and remediate it before
data loss occurs. Another problem with advanced threats is that the malware
used often goes undetected by traditional anti-virus programs. Organizations
must strongly consider advanced malware detection tools beyond that of
traditional anti-virus. Advanced malware analytic tools on the market today
can better identify the likelihood that a file or system is infected.
The firewalls and other technology safety measures were not in place to
protect the records at the time the mandate was issued to health care
providers to get on the ball with transferring paper records into
their own computers.
Conclusion
The case study exposes us to the fact that IT is essential for any
organization to flourish, but to survive and sustain itself it must also
keep its knowledge of developments in the facets of its
systems up to date. Also, implementing any system should be followed by proper
training of the personnel using the system, as ignorance about the facts of the
system can lead to a bigger problem than ever imagined.