How do we keep private hospital records safe from being exposed online? One billion medical records, which include X-rays, ultrasounds and CT scans belonging to patients in the United States, were exposed to the public in 2019, TechCrunch reported. According to Elad Luz, head of research at CyberMDX, an Israeli-led company based in the US that is a pioneer in healthcare cyber intelligence, this happened because a certain piece of software is available to the public. “It’s important to be clear that this situation is not about a breach or hack, per se,” he told The Jerusalem Post in an interview on Monday. “This is about hospital’s installing and configuring their data infrastructure incorrectly and insecurely managing their medical technologies.” Luz said someone looking to get their hands on this information does not actually need to hack anything or circumvent any controls. “They can simply query a search engine for Internet-connected enterprise endpoints, like Shodan, using terms like ‘Digital Imaging and Communications in Medicine server’ [DICOM] to pull up the IP details of accessible Picture Archiving and Communication System servers [PACS],” he said. “Once they have that information, they can use one of a few different free-to-download applications to get the information.” After careers spent in Israel’s national security services protecting the public interest, “CyberMDX’s founders had a unique and firsthand view into the profound security gaps created by medical technology IT,” Luz said. “The company was established in 2017 to address this problem – not just in Israel but around the world,” he said. “CyberMDX offers a solution to hospitals and medical centers focused on network endpoint visibility, threat prevention and operational analytics for medical, information technology, operational technology and Internet of Things devices.” What Cy ..
Support the originator by clicking the read the rest link below.
