Welcome back to the Dispotech, your disposable excellence blog.
Health data far exceeded the value of credit cards or social security numbers for hackers, according to Olli Jarva, managing consultant at Synopsys’s Software Integrity Group.
This statement, which we gathered from an article originally published on medicaldevice-network.com, comes in response to a major cyber attack on the Singapore public health database.
At the end of July, in fact, more than one and a half million health profiles - and sensitive data - were stolen by hackers and no one was spared: among the “violated” there was the Prime Minister Lee Hsien Loong, too.
As to what public health professionals can do to protect this sensitive information, Jarva noted: “When designing and building systems to withstand counter attacks, we should start thinking first about their internal security, rather than just building a barrier that defends them from the outside. Which means that, before writing a single string of code, we have already begun to build a potential ‘map’ that circumscribes security problems”.
He continues saying: “Security issues can be divided into two parts: there are system failures and bugs. To detect and neutralise security flaws in software, it is necessary to identify them in advance so that they do not occur again in the future. One has to be vigilant when it comes to understanding how and what kind of data we are protecting, where it is located and what kind of security controls we have to protect it.”
This is a challenge that can be difficult to meet. According to Jarva, it may not be possible for the most vulnerable components to be identified immediately, adding that “from the point of view of safety, the health industry shares the same shortcomings as other companies, with - often - additional obstacles to overcome”.
These additional obstacles, which we would often encounter, include a potential lack of security and financial resources, as well as an experienced hand to correct any weaknesses or flaws in the system. In addition, standardizing security on all devices connected to a healthcare network can be difficult due to the disproportionate number of medical devices involved.
What do you think about the issue we have outlined? Have your say by contacting Dispotech, your disposable excellence.