Cybercrime in Medicine
Vienna, 24, June 2019 – Cybernetic crime also grows in Austria. Recently, data collection shows that cybercrime on the internet is not stopping in the health sector. Above all, the so-called "Darknet", a particularly well-insulated area in the network, serves as a starting point for digital attacks, as securely encrypted and anonymous, and secret squares serve as platforms for the sale of stolen data. He also provides health care, from hospital to individual care, and provides solutions and recommendations for safe custody of patients' health records.
Boundaries between "real" and "virtual" reality gradually disappear. Technical progress meant that both electronic and internet devices became smaller and more powerful.
Despite the many opportunities offered by this development, numerous risks and challenges for the medical profession are emerging. In addition to potential technical problems with software and hardware, consideration should be given to the criminal component that moves to this area. "Patient and Health Data Must Have Special Status, Because Health Data Are Very Personal, Particularly Sensitive Data", Warns President of the Medical Association Thomas Szekeres.
"If you compare crime statistics over the last few years, you can see an even higher cyber crime in Austria," he explains Cornelius Granig, Information Security Specialist and CEO of WGM Health Care Services GmbH. In 2017, the rate of crime increased by 28 percent compared to the previous year, and by 2018, an increase of almost 17 percent compared to 2017 for Graniga was still more than worrying.
"In Germany, an increase of 2017 to 2018 is 8 percent, calculated on the basis of the number of inhabitants, more crime in cyber crime than in Austria," Granig compares figures with the largest Austrian neighbor According to estimates Bund Deutscher Kriminalbeamter Tamna figure is 90 percent because only a fraction of the crime is shown or many of them are unaware that they have become victims of the crime.
The technique is increasing
According to Granig's studies, especially in the health sector, networked and / or networked technologies would become more common, not only in hospitals and general practitioners – in Austria, for example by introducing ELGA electronic medical records – but also in patients where one is used various types of smart equipment in the gym and for telemedicine purposes.
"While these devices usually hold in their hands or carry on the body, medicine is also developing an ever-greater integration of the device into the human body, such as implanted pimps, insulin pumps, or smart contact lenses." continues Granig.
On the one hand, such computerized devices will serve to monitor and optimize their own health through a constant collection of different vital signs and their regular evaluation, and on the other hand, these additional data also opened up new treatment options, particularly in the field of health care. Analysis, Diagnosis and Therapy of Chronic Patients.
Many of these devices are connected to the "Internet of Things," and are an attack on criminals if users do not perceive them as fully developed, exogenous, influential computing systems, regularly reviewed and updated software updates.
In addition, there is another important aspect: using such devices and using new procedures results in very large data collections. "Particularly in the perspective of personalized medicine or precision medicine, ie the alignment of treatment methods with the individual genetic profile of the patient, large amounts of data, especially genomic sequencing, play an important role, the preservation of such data must be carried out with the utmost care and prevent possible misuse by unauthorized trading of that data, "says Granig.
Challenges for "Doctor 4.0"
"To work with a new generation of devices that depend on" Internet stuff, "you need not only the appropriate training, but also basic technical knowledge and equipment," explains Granig. Due to storage, battery and processor resource constraints, direct Internet devices have proven to be very difficult to protect.
In addition to the risk of data theft, there is a risk of direct manipulation by the use of such devices by unauthorized persons due to security vulnerabilities in telemedicine applications. "It can not only lead to health problems for affected patients, but also litigation and financial sanctions," warns Granig.
Security vulnerabilities, according to Grang, may have multiple causes, not only in the complexity and heterogeneity of such systems, but also in insufficient management of software updates and handling of known software vulnerabilities, especially between the times when fixes are detected and deliveries. .
This also applies to complex medical diagnostic equipment, such as computer or magnetic resonant tomographs, whose integrity within the network must be constantly checked. "For this we have a research project Meda The goal is to develop a new generation of security software for all these devices to prevent their manipulation and illegal data theft, "says Granig.
Safety tips for doctors
Granig has developed a concept with ten safety tips that will help doctors and patients in processing health records. In addition to general rules such as careful handling of personal information and photographs, the use of strong passwords and the regular use of scanners and malware updates, there are also recommendations that require Granig to be "more involved in this issue".
"It is important to evaluate the information that once came and to be immediately reviewed," Granig recommends. With the tools available on the Internet, it's easy and quick to check if your email address was ever part of the data leak in the sense of the Granig callback call for dual-factor authentication that many applications already offer.
Sometimes, however, the damage has progressed so far that you can barely clear anything. Therefore, from Granig's point of view, it is imperative to regularly back up all important office systems.
It should also be used only for doctors known as USB workstations, because the USB sticks would, according to Granig, "best fit to infect computers with malware".
Finally, Granig recommends the use of cryptographic technology for exercise sites, as well as hard drives and USB sticks, to increase security. The same is true for the email system, because for the Grange there is an old saying: "Every Schrifter is a poison" – especially when using unencrypted e-mails that can be easily read or stolen by unauthorized persons.
In order to protect yourself from the unpleasant financial consequences of cyber attacks, Granig also recommends that you take cyber security, which also helps solve the problem as part of the security.
Ordination peak, hospital failure
Szekeres adds: "Our doctors are better equipped to survive in the digital world," says Szekeres, adding that they can safely use new digital tools such as e-medicines currently being manufactured in Vienna. "It is currently being upgraded technically in the clinics".
However, it is not the sole responsibility of the medical profession to ensure the safety of those tools provided by social insurance, says Szekeres. For example, Szekeres would still have problems with eKOS electronic communications services. "We are currently unable to recommend the use of eKOS due to the many weaknesses that must be eliminated in our opinion. There is also a completely unclear dimension of data protection that needs to be clarified."
Although it looks better in the clinics, it is currently a difficult situation in Vienna hospitals. "Because of the great dynamics of digitalisation, companies have to modernize their important IT systems every ten to fifteen years, and these projects are just beginning in many Austrian hospitals, with more attention being paid to cyber security, so new programs will not only be easier and faster for use, but much safer for work, "says Granig, who also advises hospitals about their modernization projects.
In a survey recently conducted by the Medical Association on Infrastructure in Vienna Hospitals, 53 percent of doctors in hospitals, ie more than half, were dissatisfied with IT equipment at work.
"The result of the survey was clear: old IT infrastructure must be restored and tailored to the user," Szekeres demands and reiterates the medical bill for a billion infrastructure for Vienna hospital, to "gain superior status and find both doctors" and physicians, as well as patients, can safely approach. "
Your chat partner:
ao. Univ. Dr. Thomas Szekeres
President of the Austrian and Vienna Chamber of Commerce
Dr. Cornelius Granig
Director of WGM Health Care Services GmbH and the "Doctor 4.0" Platform – Safe Internet Doctors "
Contact for journalists' inquiries:
Medical Association for Vienna, Dr. Med. Hans-Peter Petutschnig
Phone: 01/515 01-1273 DW, 0664/10 14 222, Fax: 01/512 60 23-1273,
online medical service of the Vienna Medical Society: www.aekwien-medienservice.at