Attacking Pathways of Health Information System (HIS)
- Resource Type
- Conference
- Authors
- He, Ying; Ni, Kun; Luo, Cunjin
- Source
- 2021 Computing in Cardiology (CinC) Computing in Cardiology (CinC), 2021. 48:1-4 Sep, 2021
- Subject
- Bioengineering
Computing and Processing
Signal Processing and Analysis
Ethics
Pandemics
Virtual environments
Medical services
NIST
Electrocardiography
Computer crime
- Language
- ISSN
- 2325-887X
The health information system (HIS) has been targeted by the hackers especially during the pandemics of COVID 19. This paper is motivated by the recent cyber incidents happened to healthcare organisations. This study was conducted to demonstrate how the HIS can be hacked and provide some recommendations to protect the HIS. We created a simulated virtual environment by implementing an open-source medical system. We then followed the NIST pen-testing methodology to perform ethical hacking. The hacking was successful, and we have managed to exploit several vulnerabilities of the simulated HIS. We then proposed cyber security recommendations to protect the HIS. Future work will consider demonstrating attacks to a specialized cardiac diagnosis medical system, e.g. the arrhythmia detection and classification in ambulatory ECGs, and explore how the core of its algorithms can be hacked and protected.