Healthcare and Technology news

Study to Probe Healthcare Cyber-Attacks

In the wake of the recent hacker attacks on Anthem Inc. and Premera Blue Cross that compromised personal data on millions of individuals, the Health Information Trust Alliance is attempting to launch a study to get a better understanding of the severity and pervasiveness of cyber-attacks in the healthcare sector, as well as the attackers' methods.

HITRUST, best known for its Common Security Framework, hopes to recruit hundreds of participants for its "Cyber Discovery" study. Organizations that join the study will monitor for signs of attacks for a 90-day period using data gathered with Trend Micro's threat discovery technology, which works alongside security information and event management systems. "It's like a big sandbox that works in a passive mode and collects everything and tries to analyze everything that comes into the sandbox," Dan Nutkis, HITRUST CEO, tells Information Security Media Group.

Participants can use the data that's collected and analyzed by the technology for their own cyber-intelligence activities. For the study, the participating organizations will provide anonymized data regularly to HITRUST for analytical purposes. "We don't have the name of the organization, just the type of organization," Nutkis says.

Security expert Mac McMillan, CEO of security consulting firm CynergisTek, says that as long as HITRUST can guarantee the data collected from healthcare organizations is anonymized, the alliance might be able to attract participants. And if there are enough participants, "a study such as this based on empirical data can paint a relevant picture with respect to the risk that healthcare entities face, and therefore, would be very valuable if done correctly," adds McMillan, chair of the HIMSS Privacy & Security Policy Task Force.

HITRUST hopes to have the necessary software and hardware installed at all the participating organizations by the end of May, Nutkis says. It will publish an initial report of findings and recommendations approximately four months from the launch of the project.

Digging In

The organization is seeking about 210 voluntary participants from the healthcare sector, including insurers, hospitals, accountable care organizations and clinics. Each will participate for 90 days or longer, Nutkis says. Participants do not have to be members of HITRUST to qualify.

Each participating healthcare organization will get free use of the Trend Micro technology during the study. Trend Micro will install the appliance and train organizations in how to use it and how to conduct the forensic analysis, Nutkis says.

"The goal is to understand the threat actors, the methods and their targets," he says. Among the questions to be addressed, he says, are: "Are these actors targeting health plans or are they targeting specific types of equipment or types of data? Are they after PHI or PII? What's the level of persistence? What's the duration of them trying to get in? Do they keep coming back?"

The study aims to accurately identify attack patterns as well as the magnitude and sophistication of specific threats across enterprises, he says.

Recent Attacks

When it comes to the recent attacks on Anthem and Premera, and their significance to the healthcare sector, "there's a lot of speculation and conjecture about what's going on," he says. "There was a great level of concern after the Community Health Systems attack" last year, in which hackers compromised data on about 4.5 million individuals. Because they were reported about six weeks apart, the Anthem and Premera breaches raised concerns about whether they were related, he says. While those breach investigations are still ongoing, the healthcare sector is trying to understand who is being targeted, how and for what data, he explains.

Nutkis says HITRUST will consider whether to repeat the study annually to track emerging trends.

McMillan, the consultant, says the value of the study to the healthcare sector will ultimately depend on what is examined. "For instance, will it address social engineering or things like phishing? Phishing is a huge issue for healthcare right now and is believed to have had a role in many of the high-profile breaches of last year."


Obama Sees Need for Encryption Backdoor

Although President Obama said he sees the need for law enforcement to gain access to encrypted data on a suspected terrorist's digital device, he stopped short of calling for a law to require manufacturers to provide a so-called "backdoor" to break encryption on mobile devices.

At a Jan. 16 White House joint press conference with British Prime Minister David Cameron, Obama said his administration is discussing with device manufacturers and software providers ways for authorities to gain access to the encrypted data without compromising the privacy and civil liberties of citizens.

"The dialogue that we're engaged in is designed to make sure that all of us feel confident that if there is an actual threat out there, our law enforcement and our intelligence officers can identify that threat and track that threat at the same time that our governments are not going around fishing into whatever text you might be sending on your smart phone," Obama said.

Cameron, being less nuanced than the president, reiterated his belief that it is justifiable for authorities to gain access to encrypted data on mobile devices, just as, for years, laws and regulations have allowed telephone conversations to be tapped and mail to be intercepted and read.
'Keep Our Countries Safe'

"We're not asking for backdoors; we believe in very clear front doors through legal process that should help to keep our countries safe," Cameron said. "My only argument is that as technology develops as the world moves on, we should try to avoid the safe havens that otherwise could be created for terrorists to talk to each other."

In October, FBI Director James Comey said he wants Congress to update a 20-year-old law to give law enforcement authorities access to encrypted data of suspected criminals (see FBI Director Ignites Encryption Debate).

Cameron reportedly planned to lobby Obama to criticize technology companies that offer encrypted communications that cannot be cracked by government authorities for terrorist investigations (see Cameron to Ask Obama to Help Weaken Crypto).

Obama, in his remarks, wasn't critical of the technology companies that have resisted creating a backdoor; indeed, he was a bit sympathetic. "We're still going to have to find ways to make sure that if an al Qaeda affiliate is operating in Great Britain or the United States that we can try to prevent real tragedy; I think the companies want to see that as well," Obama said. "They're patriots, they have families they want to see protected.
Squaring the Circle

"We just have to work through in many cases what are technical issues. It's not so much that there are differences in intent, but how to square the circle on these issues is difficult. And, we're working with partners like ... the United Kingdom, but we're also going to be in dialogue with companies to try to make that work."

From a technical standpoint, however, many security experts say that any attempt to undermine crypto, for example by mandating that backdoors be added to encrypted services, would fail on numerous fronts - not least because freely available encryption tools, which no mandate on domestic service providers can reach, would remain open to anyone who wanted to avoid the backdoored services.

Jake Laperruque, a fellow at the civil liberties group Center for Democracy and Technology, says he is somewhat troubled by the president's remarks because allowing backdoors to circumvent encryption could allow criminals to gain access to the private data of individuals. "We continue to be concerned about the idea of a backdoor, although the president's comments reflect that he understands the risk associated with this," Laperruque says. "It raises questions whether the government will properly account for those risks with a policy like this that would outweigh any benefits for the average Internet user."
Bilateral Meetings

Obama and Cameron met over two days, Jan. 15 and 16, and part of their conversations focused on cyberthreats, which they characterize as one of the most serious economic and national security challenges both nations face. In their bilateral meetings, both leaders agreed to bolster efforts to enhance the cybersecurity of both nations, strengthen threat information sharing and intelligence cooperation on cyber matters, and support new educational exchanges between American and British cybersecurity academics and researchers.

According to the White House, the U.S. and U.K. will conduct joint cybersecurity and network defense exercises to enhance their combined ability to respond to malicious cyber-activity, with the first joint exercise later this year to focus on the financial sector (see U.S., UK Plan Cyberwar Games).

In addition, both national governments will work with industry to promote and align their cybersecurity best practices and standards, including the U.S. Cybersecurity Framework and the United Kingdom's Cyber Essentials scheme.

The U.S. and Britain already work closely on a range of cyberdefense matters, such as the U.S. Computer Emergency Readiness Team and CERT-UK collaborating on computer network defense and sharing information. To deepen this collaboration in other areas, the White House says, the U.K.'s Government Communications Headquarters and Security Service (MI5) will work with the U.S. National Security Agency and FBI to further strengthen U.S.-UK collaboration on cybersecurity by establishing a joint cyber cell, with an operating presence in each country. The cell, which will allow staff from each agency to be co-located, will focus on specific cyberdefense topics and allow cyberthreat information to be shared at a greater pace and scale.
Cambridge vs. Cambridge

Both governments also have agreed to provide funding to support a new Fulbright Cybersecurity Award, starting in the 2016-2017 academic year, which will allow scholars from both countries to conduct cybersecurity research for up to six months, with applications being accepted later in 2015.

The White House also announced that MIT's Computer Science and Artificial Intelligence Laboratory, located in Cambridge, Mass., has invited Britain's University of Cambridge to take part in a Cambridge vs. Cambridge cybersecurity contest, the first of what's intended to be many international university cybersecurity competitions. Officials say the aim of the competition is to enhance cybersecurity research at the highest academic level within both countries in order to bolster their cyberdefenses.
Jessica Cusick's curator insight, January 29, 2015 1:07 PM

I think that if a threat were to come about and the government believed that it could stop it with evidence on that threat's cell phone, the government should be able to do whatever it can to stop the threat. It may be a law to allow the people of the US to have their privacy, but if a person is a suspected threat to the country in any way, the government needs to do whatever it can to prevent the threat from becoming an action. The government's job is to protect the people of the US, and if that means looking through someone's phone to find evidence, I believe that is okay and fair.