Digital data storage vulnerable to viral infiltration and theft

Credit: Muhammad SAEED via Flickr Creative Commons

In last week’s Pugwash meeting, we discussed the recent state of “ransomware” attacks and what they mean for the future of data. In the last month, a number of hospitals have been hit with cyber attacks known as ransomware.

Ransomware is the term used to describe a virus that enters a computer system and encrypts all of the data it finds, making it impossible for the regular users to access. Encryption is followed by a demand: “hand over some amount of money” — usually in bitcoins — “or else lose your data forever.”

This sounds scary enough to private individuals, whose lives and daily workload largely exist in digital formats, but it’s even scarier for hospitals, which rely on patient data to make medical decisions. Being susceptible to these sorts of cyber attacks is one of the side effects of the increasing digitization and centralization of medical data.

On one hand, having networked access to patient information makes it easier to receive care across institutions and allows healthcare professionals to find information with the click of a button. It also makes it possible to use “big data” algorithms to find patterns in the data and advance the field of medicine.

On the other hand, though, network access makes it much easier for criminals to gain access — or deny access to the rightful users — because of the centralization of the data. Instead of relying on paper records that would need to be physically lost, misplaced, or stolen, one by one, the information is now stored in one database that can be infiltrated in one fell swoop.

It’s also harder to tell whether digital data has been compromised. If the physical copy is still in the file cabinet, you know it hasn’t been stolen and that you still have access. However, in the digital world, a virus could infect the system and lurk for months before becoming active, without anyone ever noticing.

One suggestion was to use “an old Russian spy system,” where the data requires two keys to access, with two different people carrying the keys. This might make it harder for the data to be hacked into, but it would also be a hassle for a nurse or doctor who just wants to quickly look up a patient’s information. Another idea was to keep physical hard copies as backups for all the data stored online, which would make ransomware less threatening, as there would always be a way to access the information even if the digital copies were maliciously encrypted.

One Pugwash speaker drew an analogy between these computer viruses and real-life biology, comparing the evolution of cyber attacks and defenses to the arms race of biological mutations seen between predator and prey.

Ransomware and other viruses are constantly evolving, so large systems like hospitals or governments need to keep on their toes to be able to fight back. This is another frightening aspect of ransomware — if an organization pays up to keep their data, then that money just goes to fund the criminals and allows them to create even more malicious code.

Even with the best cyber defenses, one Pugwash member said, the real issue is social engineering. Taking data from the network and keeping it in a closed system, or requiring two keys to access it, doesn’t work if people don’t know how to use the system. There are benefits to having health data connected in a large network — applying “big data” techniques to huge databases of (anonymized) medical data could lead to big advances in treatment, and being able to send information across institutions connected by the network makes it easier for patients to receive treatment, wherever they are.

But do the benefits outweigh the risks?

Student Pugwash is a non-advocacy, educational organization that discusses the implications of science. This article is a summary of last week's discussion on ransomware.