By Brooke Heenan
Hackers are taking advantage of increased stress and stretched resources to target Australian health systems.
These findings come from a new study that found training programs and tighter regulations would strengthen the cybersecurity of medical systems.
University of NSW cyber security expert Dr Elena Sitnikova says now medical systems, such as radiology, pathology and patient records are digitised, hackers are of much greater risk.
“Sensitive data, such as HIV status or sexual history, has also been obtained by hackers and used against individuals.” Dr Sitnikova says.
“The corresponding cybersecurity requirements have not evolved as fast (as the digitisation),” Dr Sitnikova says.
According to Dr Sitnikova’s research, the cybersecurity risk to healthcare, including hacking of personal medical devices and theft of personal medical data, is continuously rising.
University of New South Wales professor Raina MacIntyre, who collaborated on the research, says digital health records can also be used for precision harm against individuals.
“It has been shown, for example, that CT scans can be hacked and altered so that evidence of cancer can be removed or added – imagine the harm that could cause if an individual were targeted in this way,” Prof MacIntre says.
But, Australian Cyber Security Centre (ACSC) head Abigail Bradshaw, says that at the ACSC, they are working to make sure Australians remain safe online and that vital services are protected.
“We are arming Australians, businesses and key sectors, like health and medical services, with information on the threats and practical assistance to enable them to better protect themselves against these global cyber criminals,” Ms Bradshaw says.
Dr Mohiuddin Ahmed, senior member of peak body Institute of Electrical and Electronics Engineers says if you can touch it, you can hack it.
“It’s not always the responsibility of the government, it’s strictly the responsibility of all Australian citizens who use these programs,” Dr Ahmed said.
While cybercrime technology is advancing faster than ever, health systems are struggling to keep up, according to the research, which was published in the Intelligence and National Security journal.
The study also found that hospitals often run outdated operating systems that allow hackers an easy way in.
Edith Cowan associate dean for computing and security Paul Haskall-Dawland says that it may not be as easy as just upgrading medical software.
“It’s an enormous financial undertaking, not just because of licensing, but also because of the time and effort that has to be taken to upgrade those systems,”Dr Haskall-Dawland says.
“If you’ve got systems in a health service which are running on old equipment… you may suddenly find that it’s not just the software you need to upgrade, it’s actually the hardward as well.”