Australian health care assignment: Identification of Threats
Question
Task: Write a report to discuss recent type of information security attacks, protection mechanism and risk management.
Answer
Introduction
The current health care assignmentdiscusses about the health care organizations in Australia that are facing lots of issues regarding cyber security. Different types of malicious actors are playing a role in targeting different health care organizations, especially in the pandemic situation, to get constant updates about the vaccine, treatments, and information about research and development related to vaccine development. The present study developed within the health care assignment focuses on the identification of the threats faced by organizations under the Australian health sector. Identifying all types of assets of the organization under the Australian health sector is also going to be discussed in this task. Threats against each type of asset present in those are an essential part of this report on health care assignment.
Threats facing the Australian health sector organizations
There are huge numbers of threats faced by the Australian healthcare area. The threats are related to cyber securities, and these are discussed in the following section of health care assignment:
|
Threat |
Description |
|
Advanced Persistent Threat (APT):
|
Australian Cyber Security Centre (ACSC) claimed that the Advanced Persistent Threat (APT) actors target the Healthcare sector in the Australian area. The primary goal of that actor is to collect information about the vaccine development treatment process and valuable information about the patient data. As stated by Au et al. (2028), personal data protection is necessary for advanced care to minimize APT. Due to increased activities of the healthcare organization in the pandemic situation, it's common to face malicious activities. Information about the vaccine development and treatment process is vital, especially in the pandemic situation towards which the entire world is focusing.
|
|
Cybercriminals threat:
|
This is another most important threat outlined herein health care assignment faced by Australian organizations under the health and care setting sector. Sophisticated actors are playing their role to track the network as well as the disruption of the essential services (Cyber.gov.au, 2020). Internet phishing is the most important example used by the actors to attack the information related to health care. Increased demand for the services due to the COVID pandemic makes it easy for the actors to spread the malware over the network and track the information available to the network. Adversaries are lesser cyber actors who compromise the e-mail servers and distribute the false and fishing copied the pandemic email to citizens nationwide.
|
|
Ransomware attacks:
|
Ransomware attack is the most common type of threat in cybersecurity, especially in the healthcare area. As mentioned by Ghafir et al. (2018), a real-time botnet system is necessary for cybersecurity prevention and the maintenance of data, especially in the healthcare area. Lucrative offers are even given to the person associated with healthcare activities in the Australian Healthcare sector. It even makes it possible to deliver highly secured and essential data related to Healthcare to the malware actors (Cyber.gov.au, 2020). As a result of this, COVID 19 related information is often passed to the malicious actor, and it creates a threat for the users and beneficiaries.
|
|
COVID-19 themed spear-phishing emails:
|
Malicious activities are constantly increasing due to the COVID pandemic situation. Users are beneficiaries keep a constant eye upon the data and sensitive information related to the COVID pandemic situation. As mentioned by Johnson et al. (2018), it is stated in the health care assignmentthat one health surveillance system necessary for the Australian care setting is to protect data from malicious activities. Phishing emails related to fake pandemic information are spread over the network. In addition to this, email servers are often targeted by malicious actors. As a result of this, entire viruses are spread over the entire email network (Cyber.gov.au, 2020). Remote Desktop Protocol (RDP) credentials are often provided by the actors in the malicious platform to collect sensitive information from the care setting area.
|
|
Threat from brute force attack:
|
Sophisticated actors are also playing a role in attracting data in the Australian care area. They often create the trial-and-error method to track the data and information from the care area. As opined by Au et al. (2018), login credentials are guessed by the malicious actors that take away the sensitive information. They guess for the login ID and password that also takes vital data related to recent pandemic attacks and vaccine development updates. RDP is widely used by the clinics and doctors' for the centralized database of patients (Cyber.gov.au, 2020). A digital footprint is also used by those actors that get easy access to the clinical data as well as the patient database.
|
Evaluation and categories of assets
There are different types of assets that constitute an organization's system. All the assets are listed in the below section of
health care assignment:
People:
Health care has different types of saints among them; people are the most important ones. People are the primary asset of an organization as well as an organization where the care setting is needed. As stated by Tavan et al. (2019) with regards to the case scenario of health care assignment, Australian Healthcare organizations denote all clinicians, surgeon doctors, technicians, and nurses. With them, all the staff associated with their activities and care settings of patients are also vital assets for Healthcare organizations. Some general managers of the organization to the lower level staff all fall under the category of this type of assets that constitute the system of organization.
Procedures:
It includes all types of activities to run an organization. In the case of healthcare in Australia undertaken in the current health care assignment, procedure assets define the technique and method used to manage the care setting activities. As reported by Waddell et al. (2020), management of inventory for both patients and staff are necessary assets for healthcare firms. It also denotes the management of patients' demand, along with the diagnostic activities needed to seek the issues faced by patients.
Data and information:
This is the essential asset of every organization. Data and information are the most crucial assets for a healthcare firm. Data not only related to the personal history of the patient but also related to diagnostic tests as well as their medication list (Wang et al. 2018). Recent information about the pandemic as well as vaccine development updates is also necessary information for the Australian care area. Data associated with the staff and all clinical care associated are also as vital as rests for preventive care areas. Inventory data related to personal information of staff as well as financial information are necessary assets of the care setting area.
Software:
Both application software and system software used by an organization are necessary assets that constitute organizational systems. As stated by Coventry and Branley (2018), cybersecurity is needed for the protection of data in both system software as well as application software. Application software in care settings in Australia helps to implement business rules. On the other hand, DBMS, operating system, development tools, and utilities are falling under the system software. Both are needed to manage the data of staff and patients in the care area.
Hardware:
This is another important asset of an organization noted in the health care assignment, without which the entire software system of an organization cannot run. As mentioned by Tavan et al. (2019), security management is necessary for health care to manage necessary assets. Hardware means computers, disk, laptops, smartphones, processors, and storage. Databases are the primary storage for the clinical care area. In the clinical area, huge numbers of data are stored, and for this reason, it is necessary to manage the necessary security provision to protect data both for staff and patients.
Networking:
This is the most important asset for an organization that carries large numbers of data and information from its customers. As stated by Ghafir et al. (2018), the network is the primary communication protocol that helps healthcare organizations to secure information and data of both their staff and patients. Telecommunication technology, internet connection, and host are required for effective network facilities in an organization. Optic fibers are necessary to connect the computers in the networking system.
Threats against each type of asset
Each type of asset is prone to face different types of threats as identified in the health care assignment. These areas allow:
|
Assets |
Type of threat |
Justification |
|
People |
Cybercriminals |
Cybercriminals provide different types of lucrative services to the staff and people in an organization. Lucrative offers are given to those staff in an organization that is directly associated with the management of a large organizational database (Ghafir et al. 2018). People are given offers in exchange for personal information and sensitive data by sophisticated actors. Login ID and passwords are often given to the cybercriminal in exchange of financial assets that affect the security provision of the organization |
|
Procedures |
Advanced Persistent Threatand malicious attack |
Advanced Persistent Threatand malicious attack are common forms of threat for the identification of information related to the intellectual property related to vaccine development and current treatment carried out in healthcare firms (Cyber.gov.au, 2020). Different types of malicious files are often spread over the system via a network that directly affects the large database of the organization is under curative care. |
|
Data and information |
Brute force attack |
Data is vital and is prone to get brute force attack. In this type of attack, trial and error methods are followed by malicious actors to seek ID and password of users to account for login (Wang et al.2018). This is a very crucial type of threat that can harm large organizations from having vast numbers of databases. |
|
Software |
Ransomware |
Software’s assets of an organization are common to face ransomware activities. In this type of threat, spear-phishing emails are sent to the users to get credentials related to the log id and passwords (Johnson et al. 2018). In addition to this, malicious software is spread over the network, and information is taken from other organizations too. |
|
Hardware |
Cybercriminals and brute force attack |
Hardware is also associated with cybercriminal attacks. Due to accelerated pressure if COVID pandemic situations become common for cybercriminals to provide malicious threats via software that directly affects the hardware system of the organization (Cyber.gov.au, 2020). In addition to this, Sophisticated actors play a more brutal role in spreading the ransomware over the entire software, in which information stored in the hardware system is at risk. |
|
Networking |
Phishing Emails |
The threat of malicious activities is more common for software and hardware. In a pandemic situation, large numbers of actresses target the organization by providing the spread of emails related to the pandemic to end-users (Au et al. 2018). In addition to this, victim’s networks are often directly targeted by the sophisticated actress that creates jam in the networking system. Remote Desktop Protocol (RDP) is often exploited by the cybercriminals that affect sensitive data of the organization as wells as personal information of staff. |
Security principles proposed by the ACSC and recommendations.
For the prevention of malicious activities and data theft, certain types of security principles, along with the recommendations, are given within the health care assignment. Theses mitigation plan are effective enough for Australian health care organization to secure their data; these are mentioned below in this health care assignment:
Application control:
Application control is necessary to prevent the entry of malicious programs into the actual system. The health care assignmentexamines the words of Ahsan and Rahman (2017) that green public procurement is necessary for the prevention of malicious programs. Exe and DLL are the most common forms of malicious programs for users. The limiting principle proposed by the ACSC is applied in this recommendation for the health sector in Australia.
Patch application:
Patch applications are primarily released by software manufacturers and device manufacturers (Cyber.gov.au, 2020). Any type of fault is easily detected by the malicious actors, and they easily focus on the vulnerabilities of the device and its software versions. Patch security is necessary for cloud computing that handles a vast range of users' data (Yong-Xiang, 2018). Vendor-supported security, along with the time patching, can be beneficial for Australian care settings to prevent APT. Obscurity principle is effectively followed in this recommendation given by ACSC.
Macro settings:
It is necessary to block macro from the internet via which malicious programs and viruses can easily damage the database. It is necessary to allow the vetted macros only that can run under the “trusted network”(Cyber.gov.au, 2020). The diversity principleoutlined herein health care assignmentis followed in this recommendation by the ACSC that can help care setting organizations to prevent internet phishing and damage of data by malicious actors.
Application hardening:
Web browsers can be configured to java, block Flash, and ads that can help to increase data security in the care setting area. As mentioned by Haupert et al. (2018), disabling the unessential feature in the MS office helps to increase security provision in the database. Thus, the research on health care assignment signifies that it can be followed by the Australian healthcare organization with the application of the layering principle to secure data.
Restriction for administrative privileges:
Administrative privileges have to be restricted by the organization and need better security to manage the personal data of users. Revalidation is needed on a regular basis for the privileges so as to achieve better security of data (Cyber.gov.au, 2020). IT staff should not use privileged accounts for the use of email or type of personal applications. Email content has to be scanned for phishing and malicious activities. Obscurity principle is also applied in this recommendation of data security mentioned in the health care assignment.
Patch system:
It is necessary to use only the supported version of the operating system. Using an unsupported version can affect security provision. As stated by Yong-Xiang (2018), staff has to be alert and cautious to reduce the incidence of malicious activities as well as phishing emails. The simplicity principle is effectively applied in this type of recommendation provided by ACSC.
Multi-factor authentication:
During the performance of privileged action, it is necessary for users to include RDP, SSH, VPNs, and other forms of remote for the better accessibility of data. Incident Response Plans are necessary to protect data against ransomware activities (Cyber.gov.au, 2020). The limiting principle proposed by ACSC is strongly followed in this type of recommendation to protect highly sensitive data.
Daily backups:
Daily backup is necessary for the health care organization as a precautionary approach to protect users' data. It is also necessary to change the configuration of the data set, as well as the restoration of the changed data. According to Ahsan and Rahman (2017), security is the primary provider for the Australian public health sector to prevent misuse of data by phishing actors. The simplicity principle is generally followed under this recommendation of data security.
Summary
From the entire discussion on health care assignment, it can be said that the COVID-19 pandemic has created an opportunity for the malicious actor to steal any type of data from the health care sector. Advanced Persistent Threat (APT) and cybercriminal activities are the primary threats Australian health care is as it can create fear of losing data. Malicious activities, along with COVID pandemic theme-based phishing elements, are delivered to users that are really dangerous. Lucrative offers are also provided to staff to share information related to the vaccine development and treatment process. For mitigation of all the security challenges, ACSC has developed five most important principles along with eight recommendations in the above context of health care assignment. The five most important principles proposed by the ACSC explored in the above sections of health care assignment are simplicity, layering, diversity, obscurity, and limiting. All these five principles are applied effectively with the recommendation that can help Australian health care organizations to respond against the malicious and ransomware outbreak quickly. ACSC has also suggested care setting organizations to implement an up to date format of Incident Response Plan (IRP) to secure data to be misused.
Reference list
Ahsan, K., and Rahman, S., 2017. Green public procurement implementation challenges in Australian public healthcare sector. Health care assignmentJournal of Cleaner Production, 152, pp.181-197.
Au, M.H., Liang, K., Liu, J.K., Lu, R. and Ning, J., 2018. Privacy-preserving personal data operation on mobile cloud—Chances and challenges over advanced persistent threat. Future Generation Computer Systems, 79, pp.337-349. Coventry, L. and Branley, D., 2018. Cybersecurity in healthcare: a narrative review of trends, threats and ways forward. Maturitas, 113, pp.48-52.
Cyber.gov.au, 2020. Advanced Persistent Threat (APT). Available at: https://www.cyber.gov.au/acsc/view-all-content/advisories/advisory-2020-009-recommendations-mitigate-apt-actors-targeting-health-sector-and-covid-19-essential-services [Accessed on 23rd July 2020]
Ghafir, I., Prenosil, V., Hammoudeh, M., Baker, T., Jabbar, S., Khalid, S. and Jaf, S., 2018. Botdet: A system for real time botnet command and control traffic detection. IEEE Access, 6, pp.38947-38958.
Haupert, V., Maier, D., Schneider, N., Kirsch, J. and Müller, T., 2018, June. Honey, i shrunk your app security: The state of android app hardening. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 69-91). Springer, Cham.
Johnson, I., Hansen, A. and Bi, P., 2018. The challenges of implementing an integrated One Health surveillance system in Australia. Health care assignmentZoonoses and public health, 65(1), pp.e229-e236.
Tavan, A., Tafti, A.D., Nekoie-Moghadam, M., Ehrampoush, M., Nasab, M.R.V., Tavangar, H. and Fallahzadeh, H., 2019. Risks threatening the health of people participating in mass gatherings: A systematic review. Journal of education and health promotion, 8.
Waddell, J.J., Nissen, L.M., Hale, A.R. and Kyle, G., 2020. Using the big five inventory to evaluate the personality traits of Australian pharmacists. International Journal of Pharmacy Practice, 28(3), pp.275-281.
Wang, Y., Kung, L. and Byrd, T.A., 2018. Big data analytics: Understanding its capabilities and potential benefits for healthcare organizations. Technological Forecasting and Social Change, 126, pp.3-13.
Yong-Xiang, H., 2018, April. A Study on the Security of Patch Management in a Cloud Computing Environment. In 2018 4th Annual International Conference on Network and
