PANACEAresearch offers a significant improvement in multiple areas (from threat awareness to security-by-design and secure information sharing).
However, results can only be measured in the context of realistic data, use cases and scenarios. At the same time it is not possible to rely on the operational IT infrastructure of the hospitals for research, development and testing activities, due to their criticality. For this reason, the consortium will adopt the use of emulation environments based on a set of heterogeneous user scenarios developed by End Users and relevant for their businesses.
The User Scenarios will be hosted by three end-users in Italy, Crete and Ireland and will be elicited in order to give the consortium a wide potential dataset representing different networks and organisations and heterogeneous threats and incident situations.
Awareness of HL7 protocol deficiencies in a cyber-threat context: the HL7 security deficiencies create conditions for running hidden attacks.
HL7 is widely used in the healthcare domain, and hospitals such as FPG leverage multiple services based on this protocol (in particular for interoperability of data). FPG needs a solution to assess, evaluate and mitigate weaknesses related to or caused by the most important data exchange protocol used in the healthcare domain. The HL7 protocol collects a number of international standards for communication between different medical applications such as radiology, TAC (CT) systems, blood analysis and so forth.
The interoperability of HL7 allows the construction of complex medical processes but raises serious security issues that need to be assessed. For example, because HL7 is relatively easy to tamper with, malware could modify patients’ data while in transfer from the radiology equipment to the radiology lab, causing critical impact.
Cyber Attack on Regional Health Services leads to disruption of regional health services and security breaches.
7HRC is the governing body of the National Health System in the region of Crete. It runs an integrated network of public hospitals and primary healthcare centres under the supervision of the Ministry of Health.
Healthcare structures and 7HRC are interconnected via the Greek Governmental Virtual Private Network “SYZEFXIS” and VPN servers (for health structures not yet incorporated in SYZEFXIS). The Health Units under the supervision of 7HRC rely on automated processes built on an integrated Health Care Information System to support and improve existing patient care procedures, continuously introducing new capabilities. For instance, using the ICT structure of reference hospitals, remote health centres can order and execute laboratory exams at the LIS systems of the hospitals, with biological material samples being physically transported to reference hospitals, while the exam results are retrieved by doctors electronically from their GP offices.
Furthermore, patients can book an appointment at a hospital outpatient department using an online booking system currently hosted at 7HRC servers. In this context, a wide array of malicious software can be used to launch denial-of-service attacks targeted at either hospital/7HRC servers or the VPN servers used to route internet traffic, causing disruption of electronic health services, specifically the remote ordering of laboratory exams from Health Centres to Reference Hospitals, as well as electronic booking. A denial-of-service (DoS) attack, including its distributed form (DDoS), is an attempt to make an Information System or another network resource unavailable to its intended users. Another threat is the physical theft of equipment, e.g. a PC with stored passwords or loose security policies. This may lead to data theft.
Ransomware Cyber Attack on HSE-SSWHG leads to disruption of health services.
The Irish HSE ICT structure is a unified national intranet IP-based LAN/WAN system comprising legacy systems from the previously unconnected regional health domains together with more recent ICT networks with intelligent management systems, processing and transmission systems, and network-based control and monitoring functions.
Data storage for this nationwide ICT system involves local storage centres and cloud-based storage on remote servers accessed from the intranet. Each of the seven Hospital Groups is linked to the others and to the part of the community healthcare system located in its region.
The National Ambulance Service (NAS) is linked to all Hospital Groups via the national HSE ICT Network. Each ambulance is fitted with a 3G/4G-based Mobile Data Terminal. The electronic Patient Care Records [ePCR] are prepared on board the ambulance. This includes data from the on-board instrumentation linked to the ePCR tablet by Bluetooth. Recently, hospitals in the HSE have increasingly become victims of attempted ransomware attacks.
The attacks occurred in the HSE South-South West Hospital Group (SSWHG) when a National Ambulance vehicle Bluetooth medical instrument was stolen and hacked: this allowed malware to spread onto the ePCR. The ransomware could then be introduced onto the national patient records system. A second, coordinated attack occurred because of a forgotten and stolen Surface Pro tablet that was not sufficiently protected by proper passwords and encryption on sensitive areas. The laptop was used to introduce the ransomware virus into the system through a different attack vector from the previous one. This was one of 20,000 laptops bought and supplied to staff in 2017.
The impact of a successful attack can be more subtle than the ‘simple’ unavailability of some devices: data loss or alteration could directly affect patients’ safety. For example, if the data from the ambulance and the ePCR is tampered with, a critical patient could be killed due to a wrong treatment at the hospital. In addition, data theft (triggered by attacks similar to the aforementioned) could seriously impact the hospital.
The user scenarios are critically important for the development, testing and validation of the PANACEAresearch toolkit: using virtualization techniques on private cloud environments, fractions of the end users' IT infrastructures will be virtualized and emulated in order to create a safe virtual environment with high affinity to the operational one but fully available for testing and validation. The user scenarios will hence be fundamental for understanding how the emulation environments need to be composed.