Cybersecurity Report: Vulnerability Assessment of Hospital Systems
Added on 2022/10/17
AI Summary
This report provides a detailed vulnerability assessment of a hospital's information systems, focusing on potential security breaches and data theft. It examines various attack vectors, including malware, ransomware, human error, and weak passwords, and details how hackers exploit these vulnerabilities to steal sensitive patient data, such as names, addresses, social security numbers, and medical records. The report highlights the financial and legal impacts of data breaches, including fines and reputational damage, and provides an execution plan outlining tools, methodologies, and resources used by cybercriminals. The assessment includes examples of real-world attacks, such as the actions of the hacker known as TheRealDeal, and offers insights into how to mitigate risks and protect patient information. The report concludes with references to relevant resources and research, offering a comprehensive overview of cybersecurity threats in the healthcare industry and providing a framework for strengthening hospital security measures.

VULNERABILITY ASSESSMENT
(Student’s Name)
(Professor’s Name)
(Course Title)
(Date)

Introduction
According to NIST, a vulnerability is a weakness in an information system, internal
controls, or implementation plan. To minimize vulnerability, an assessment needs to be done.
Vulnerability assessment is a central component when designing a security program. A
well-functioning vulnerability assessment includes remediation and testing. This monograph
presents a vulnerability and execution plan for a hospital.
Vulnerability analysis and Execution plan
Ways to breach security of a hospital
Malware
According to Becker hospital, data breaches across healthcare facilities amount to approximately
6.5 million dollars annually. In 2016 at least one health facility was breached, which affected
over 27 million patient records. There are three possible ways to breach the security of a hospital,
which include malware and ransomware. Here cyber criminals use ransomware to
shut down hospital servers and the entire network. In addition, hackers use malware to steal
patient records for sale. An example is a hacker who goes by the name thedarkoverlord, who stole
patients’ records using malware. The hacker then broke down the data into databases with
prices ranging from 151 to 643 bitcoins, which amounts to around 96,000 to 411,000
US dollars. As indicated by the hacker, the first database contained 48 thousand patients from
Farmington hospital. The second database, as indicated by the hacker, contained 397,000 medical
records which were stolen via a ransomware attack and were accessible via the internal network. The details
stolen by the hacker contained full names, physical addresses, dates of birth, email addresses,
insurance policy numbers, and social security numbers (portalDeepDotWeb, 2016). Other types of
malware utilized by hackers are worms, backdoors, spyware, capture store data, and RAM
scrapers.
Human error
Hackers exploit errors made by health professionals to steal health records. The
most common type of human error is misdelivery, which is at 38.2 percent. Here health
professionals send medical information to the wrong person, who might be a hacker and is thus able to
access the patient’s data. Another human error is disposal error, which is at 17.2 percent. Here health
professionals discard medical documents without shredding them. The last form of error is loss,
which is the act of misplacing a thumb drive that contains unprotected medical records.
Weak passwords
Most health professionals use insecure passwords, such as their names and pets, to
log in to the medical records system. Insecure passwords enable a hacker to gain unauthorized
access to a protected network. Here a hacker uses a brute-force type of attack to obtain the
passwords and is thus able to log in to the system to get medical data. The hacker then uses the RDP
protocol to get direct access to sensitive medical record information.
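From the defender's side, the pattern described above (a burst of failed password guesses followed by a successful RDP logon) can be detected in Windows Security log events. The following is an added example, not part of the original report; the event rows are constructed, and the 5-minute window and threshold of 5 are assumed tuning values.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs): time, event ID, logon type, account, source IP.
# Windows Security log: 4625 = failed logon, 4624 = successful logon,
# logon type 10 = RemoteInteractive (RDP).
SAMPLE_EVENTS = """\
2024-03-01T02:10:00,4625,10,jsmith,203.0.113.7
2024-03-01T02:10:04,4625,10,jsmith,203.0.113.7
2024-03-01T02:10:09,4625,10,jsmith,203.0.113.7
2024-03-01T02:10:13,4625,10,jsmith,203.0.113.7
2024-03-01T02:10:18,4625,10,jsmith,203.0.113.7
2024-03-01T02:10:40,4624,10,jsmith,203.0.113.7
2024-03-01T08:00:00,4625,10,nurse1,198.51.100.20
2024-03-01T08:00:30,4624,10,nurse1,198.51.100.20
"""

WINDOW = timedelta(minutes=5)  # assumed tuning value
THRESHOLD = 5                  # assumed tuning value

def parse(text):
    for line in text.strip().splitlines():
        ts, event_id, logon_type, account, src = line.split(",")
        yield datetime.fromisoformat(ts), int(event_id), int(logon_type), account, src

def detect_rdp_bruteforce(text, window=WINDOW, threshold=THRESHOLD):
    """Return alerts as (kind, source_ip, account, failures_in_window)."""
    failures = defaultdict(deque)  # source IP -> timestamps of recent failed logons
    alerted, alerts = set(), []
    for ts, event_id, logon_type, account, src in sorted(parse(text)):
        if logon_type != 10:  # with NLA, failures may be logged as type 3; widen if so
            continue
        recent = failures[src]
        while recent and ts - recent[0] > window:  # drop failures outside the window
            recent.popleft()
        if event_id == 4625:
            recent.append(ts)
            if len(recent) >= threshold and src not in alerted:
                alerted.add(src)
                alerts.append(("bruteforce", src, account, len(recent)))
        elif event_id == 4624 and len(recent) >= threshold:
            # a success right after a burst of failures suggests a guessed password
            alerts.append(("possible_compromise", src, account, len(recent)))
            recent.clear()
    return alerts

if __name__ == "__main__":
    for alert in detect_rdp_bruteforce(SAMPLE_EVENTS):
        print(alert)
```

A single mistyped password followed by a normal login (the `nurse1` rows) stays below the threshold and raises no alert.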
The type of data obtained
The information stolen from medical facilities using the above three ways includes names,
city, state, ZIP, home addresses, dates of birth, social security numbers, and home
phone numbers.
Hacker’s perspective
The major aim of a hacker in stealing health record information is to sell the data.
Currently, data stolen from hospitals containing over one terabyte is sold at around 19,166 dollars.
For US consumers, stolen medical data goes for $82.90 apiece, while social security numbers
are worth $55. A list of landlines, gender information, and email account information is worth
$317. In addition, hackers such as TheRealDeal used stolen medical data to blackmail a health insurer
to give him money or he would spill out the information on the internet.
Impacts
The major impact of a data breach is that it affects a lot of patients. For example, on February 16th 2018,
a hospital data breach affected five hundred patients. Second, health information security is
paramount, and according to HIPAA rules any form of health information breach leads to a fine.
Breached hospitals can be fined by a health facility with penalties reaching a maximum of 20
million dollars (Andrey Petukhov, 2016).
An example of a hacker
TheRealDeal is an example of a hacker of medical records. It is a darknet website and a
part of the cyber-arms industry which has been reported by the FBI as able to steal medical information
and sell it. The hacker has so far leaked a large amount of patient records and posted them for sale on
the dark web.
A similar approach where it has been done
An example of medical records stolen by TheRealDeal was from Atlanta, Georgia. This
contained over 397,000 medical records. The very latest data stolen by TheRealDeal was from a
Missouri-based hospital. The hacker claims that he has made over 100,000 dollars from stolen
medical records.
Execution plan
To exploit a vulnerability, hackers first identify a weakness in a system or a backdoor.
They then perform a buffer overflow, which is a form of delivering malicious commands. Lastly,
they design a denial of service attack, or use a remote access tool, and steal medical records.
Possible options from the vulnerability assessment
Resources required for the attack (Andrey Petukhov, 2016)
There are various tools and techniques used by cyber criminals. One of the tools is the
remote access tool. This is a tool used by cyber criminals to gain remote administrative control
after it is installed on the target machine. The tool enables the hacker to upload and download files,
execute commands, log keystrokes, and record the user’s computer screen. Another common tool is the web
shell, which is a malicious script. One of the commonly used malicious scripts is China Chopper,
which is used by hackers to access health systems. Another common tool is Mimikatz, which is a
credential stealer; the tool is used by hackers to gain login credentials of health systems. HTran
is another common tool, a command and control obfuscator, which is used to complicate communications between
a hacker and the hospital network.
Methodology
One of the methodologies employed by hackers is the BEC attack. Here the hackers
impersonate a high-level executive in the health industry and request medical records. To do this, a
hacker uses emails which look legitimate to convince doctors and physicians to give out
medical information of a certain hospital. Another common methodology is HTML phishing
pages and keyloggers to get hospital login credentials.

References
Andrey Petukhov, D. K. (2016). Web application testing vulnerabilities and attacks. Detecting
Security Vulnerabilities in Web Applications, 2-14.
Bayer, R. (2015). New Challenges for Electronic Health Records Confidentiality and Access to
Sensitive Health Information About Parents and Adolescents.
portalDeepDotWeb. (2016, June 30th). Healthcare under Attack: What Happens to Stolen
Medical Records? Retrieved from Trend Micro:
https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/healthcare-under-attack-stolen-medical-records