Running head: SECURITY THREATS ANALYSIS IN HEALTH CARE CENTRE 1
SECURITY THREATS ANALYSIS IN HEALTH CARE CENTRE 7
Security threats analysis in health care center
Security threats analysis in health care center
Threat modeling is a technique that intelligence analyses and identify security threats within a given system. There are many types of threat modeling that are present and they include attacker viewpoint, assets viewpoint. Many healthcare centers keep a lot of information, for their patients, and it is useful to identify threats that might affect our system, usually, attackers may harm our system and assets posing great losses to the organization. Thus as an information technology intern working for health care system it is good to have suggested ideas to protect system from any threats that might occur due to that in the health care centre there are over 600 employees who needs their system to be protected from attackers intruding ,so that employees healthcare information are secure hence enhancing the accurate results in the system, this also will increase the annual revenue in the system. Moreover due to that health care operates in diverse locations it’s necessary to secure the database so that attackers may intrude the database system and pose a threat that will affect all systems in various branches in health care centers thus this may lead to a downfall in the health care center ( Burns, 2005). In order to shy away attackers and secure health care system, it is necessary to apply threat modeling methodology STRIDE, which will hence risk management and protects all products in the healthcare system.in addition, it is necessary to protect the system from attackers in that the health networks run in production data center which is available to all employees because they can work in their homes using wireless networks.
Attacker point of view
An attacker that might be attempting to interfere with computer system in health care center, might a be a marketer and ISIS, the reason why marketer is threating to interfere with the computer system is because they wanted to spoil the competing campaign good results from their competitors in the case of health care, they do so in order to gain an inside of what is taking place at different fields of health care. In addition to the case of ISIS, they tend to interfere with the website of health care.in addition attackers attacks the system so as to achieve some goals for themselves, for instance, the case of threat to data theft attacks , in this case attachers starts with phishing attack, in that at the time doctors are trying to get access to patients records the attackers may send email to send you an email which you will download the malware to your computer, thus attackers may intruder into health care system by gaining information through the system and attackers can access to health care information and organizational financial administration. Moreover attacks may develop a persistent threats to health care network . in that they can when malware is present in health care center and it is not realized on time then the network may be direct to network traffics by the attackers and as a results attackers will require money in order to release the health care system to work in its present condition( Johnstone,2010).
Another reason for threat against the health care center is because of national critical infrastructure alongside with the transport network, electricity, and water, this will attracts attacker who was waiting to cause chaos for instance in the foreign country where there is the scenario of political instability. Also due to largely rely on technology there is the huge number of opportunities for attackers in health care system . in present health care system uses expensive technology, thus attackers might intrude using many ways such as attacking data network to mobile applications.
This entails identifying the elements in a computer system that are valuable and looking at their likeness of the risk that might occur. Assets used by health care centres include laptops and mobile devices, these assets are valued in health care because it makes the transactions of the services such as payment and record keeping faster and affordable for the employees , also the value of assets in health care center is to minimize risks for maximum quality of life hence improving the life of the patient and healthcare professionals . patients are able to gain quality serves in the when system fails in the health care centres it is responded in time in order to serve employees well , making hospital management more efficient is another value of assets in that employees have been provided with all the necessary equipment hence they can provide serves to their customers in an efficient ways thus increasing health care revenue thus growth( Hussain, Kamal, Ahmad, Rasool, & Iqbal,2014). The assets in health care center might have interfered through the hacking of website and health care network, attacker may be having the intention of intruding to the health care website in order to alter with patients records and also wanting to get access to the money in organization hence they will attack the system and they demand for money if they are not given they will threat to interfere with the patient records in the hospitals . I recommend the secure ways to protect the assets in the health centre is by encryptions in order to shy away from any forms of threats, the health care must employ a well-qualified system administrator and database administrator to monitor any attacks that might occur and response to its in time , so as to avoid the attackers from gaining network traffics.
The kind of spoofing that might be present in the health care system is brute forcing login information, this may impact the system by making system to misrepresent itself, fooling the users using the health care system by allowing an interaction which results into login and attackers may get access to private information and may start interfering with patients records (Shostacks, 2014)..In case of tampering the cross-site scripting and SQL injection are spread attaches in the system. All kinds of tampering attacks attempt to modify trusted data towards some malicious aims, healthcare database may be tempered by attackers attempting to change the content of patients’ records, and in today scenario attackers may use cross-site scripting and SQL injection to get the attack to patients’ documents in the health care centres.
Repudiation is the act of denying the truth of what happens even if there is the truth of what happen attacks might be available during the logins activities in the health care system hence they will be attempting to make logins as present it in a way that nobody has tampered with the system. In terms of information disclosure, the private information in the system is disclosed and the unauthorized user may interfere for the system in health care. For instance, in the healthcare center, the health network will be attacked by attackers by diverting the network traffics to their system, this may cause organization a lot in that having more than 600 employees using the system will fail to offer services to their patients hence the revenue in the healthcare center will decline. The denial of service is the interruption of health care system for the host connected to internet, the available denial of service is increasing in complexity and it widens through the system , systems which are vulnerable in health care centre is database system and network system will is providing network for the operation of to take place in an organization. If the system attacks the health information may not be in a position to be keyed into the system. Lastly is elevation of privilege this scenario may occur where someone may have deeper access to the health care system thus this may lead to tempering of patients records in the database, if by chances attackers enters into database they will have an insight of interfering with the system by having a deeper access to the system by exposing the data and modifying it . the patients’ records will thus become inaccurate due to that attackers might interfere with records information by adding some irrelevance information and also instilling records with the virus, which will result be hard to find the records.
Risk mitigation plan
|Asset||Threat||Impact||Recommended security control||Responsible role|
|Personal information||Access to sensitive personal information.||The personal information might be tempered by attackers.||Security control through the use of a strong password.||Is to identify the person, and also enhancing privacy.|
|Medical records.||Being erase from system||This will lead to an inadequate way of tracking patient records||Records should be kept in the folder with strong password||Is to trace patient progression.|
|Server||Manipulation of data incorrectly||It will lead to inaccurate information in the system||Hiring high qualified database administrator to monitor database||Is to keep all information about any activity taking place in the health center.|
|Medical certificates||Get rid of the system.||It will lead to high cost of production of new medical certificates||The system administrator should be always a presence to secure the system.||Is responsible to keep track of medical information.|
|Transaction records and passwords||Alter transaction records in the database and also manipulate existing passwords.||It will lead to high cost of maintenance and loss of importance transaction records.||The technician should be present to secure the system.||It to keep track of all the transaction done within the health care center.|
Shostack, A. (2014). Threat modeling: Designing for security. John Wiley & Sons.
Burns, S. F. (2005). Threat modeling: A process to ensure application security. GIAC Security Essentials Certification (GSEC) Practical Assignment.