I was hoping that someone with better knowledge than I would respond first, but
I don't see anything yet.
Charles, I don't happen to know of any analysis or comparison of the
vulnerabilities of health portals. Hopefully someone else can provide
something.
You should be aware that there is a huge difference between hackers trying to
get steal personal information and hackers using ransomware. As a general
rule, ransomware attackers do not have and are not trying to get personal
information. All they want is to lock you our of your computer until you pay
them to regain access. Ransomware simply encrypts everything on the computer,
making it impossible to access anything until right code is sent to the
ransomware to decrypt it again. Sometimes all it takes is to click on the
wrong link or opening an infected attachment to unintentionally install
ransomware software and lock your system up. Breaking into databases to steal
personal information is a much more involved and directed attack.
That said, both hospitals and libraries have been the victims of hackers, both
from ransomware and from database attacks to gain personal information.
Library vendors have also been victims. Literally every computer on the planet
is vulnerable to one degree or another unless they are disconnected from the
network. Hackers have attacked everything from the Pentagon to the personal
laptops of middle-schoolers. There is lots of good advice on the web on
protecting computers against ransomware and other hackers.
Steve McDonald
steve.mcdon...@tufts.edu
-----Original Message-----
From: Code for Libraries <CODE4LIB@LISTS.CLIR.ORG> On Behalf Of charles meyer
Sent: Monday, February 20, 2023 10:31 PM
To: CODE4LIB@LISTS.CLIR.ORG
Subject: [External] [CODE4LIB] Medical Records Portals - Hacking
My esteemed listmates,
Has anyone found reliable analysis and risk factoring of the vulnerabilities of
health care (medical) portals?
Health care professionals from doctor offices to hospitals all insist patients
subscribe to their health care portal.
That raises the question of how difficult is it for hackers to access your
medical records?
We’ve seen in the news how county governments have had to pay for the
ransomware holding their operational software hostage.
Is it such a stretch those nefarious characters could also hack our medical
records and hold hospitals hostage?
They could, conceivably, do the same with library materials patrons have
checked out holding the county hostage for that info.
Thank you.
Charles
Charles Meyer
Charlotte County Public Library
Caution: This message originated from outside of the Tufts University
organization. Please exercise caution when clicking links or opening
attachments. When in doubt, email the TTS Service Desk at
i...@tufts.edu<mailto:i...@tufts.edu> or call them directly at 617-627-3376.
