Security risk of Internet Medical Service and its Countermeasures.
Information security.

The emergence of Internet medical services has improved the convenience and timeliness of patients' medical treatment.
The state attaches great importance to the work of "Internet + Medical and Health" and has issued a series of policies to promote its development in recent years.
Internet medical care delivers medical and health services through mobile terminals or the Internet. Because those mobile terminals lack security mechanisms and defense in depth, they face new security risks and challenges.
The security risk of Internet medical services is becoming increasingly serious.
Driven by the COVID-19 epidemic and by the state's encouragement and support of "Internet + Medical and Health" in recent years, the mobile Internet medical business can be expected to keep booming.
At the same time, the security risks of mobile Internet medical applications are rising with it.
They are mainly shown in the following four aspects:
1.
System security risks are increasing day by day.
Mobile Internet medical data contains sensitive personal information such as patients' names, ages, home addresses, telephone numbers, bank accounts, diagnoses, test reports, medication records and medical histories, and is therefore highly valuable. Mobile Internet medical systems have become a prime target for criminals, who attack through vulnerabilities in the back-end systems to obtain large volumes of medical and health data.
2.
The security risk of application channels cannot be ignored.
Mobile Internet medical application channels fall into two categories: PC Internet portals and download channels for mobile client software.
Counterfeit (phishing) mobile client software leads to the disclosure of sensitive information.
Because download channels are diverse and operators neither manage the channels nor technically detect counterfeit copies of their mobile client software, phishing and fraudulent look-alike apps have become a tool for criminals.
Once patients and doctors use counterfeit or tampered mobile client software, their personal medical and financial information is captured by the criminals, exposing both to security and property risks.
As mobile medical applications spread, this threat is becoming ever more prominent.
3.
The problem of illegal collection and use of personal information has become increasingly prominent.
In the special governance action on illegal collection and use of personal information by apps, carried out jointly by four ministries and commissions (the Office of the Central Cyberspace Affairs Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security and the State Administration for Market Regulation), mobile medical apps were found to collect personal privacy information illegally.
Examples include reading the user's contacts, calendar and text messages, requesting permission to send SMS/MMS (which can cause unexpected charges), and requesting permission to record audio; in some cases the app had no user agreement or privacy policy at all.
4.
Data leaks occur frequently, and the impact is aggravated.
Because many mobile Internet medical operators lack security management measures covering the whole life cycle of medical and health data, the mobile Internet medical systems they run on the public Internet have become a main target of hackers.
According to a medical industry data security report released by a foreign medical and health analytics company, hacker attacks on the medical industry rose 48% in 2021 compared with the previous year and the number of patients affected tripled; both the scope and the severity of the impact have intensified.
The COVID-19 epidemic has accelerated the development and adoption of mobile Internet medical services in China.
At the same time, the depth and breadth of the impact of mobile Internet medical security risks are also increasing, and they need to be watched for and dealt with.
Analysis on the causes of Internet Medical Security risk.
1.
The defense-in-depth security system of mobile Internet medical systems is not perfect.
Compared with traditional medical systems, mobile Internet medical systems are far more exposed on the public network, yet the defense in depth of many of them is incomplete.
This shows mainly in five aspects: insecure network topology; missing or badly configured intrusion prevention facilities; inadequate protection of remote transmission and access; insufficient security monitoring and auditing; and weak protection against Web application vulnerabilities together with poor resistance to attack on the client. At the same time, mobile client software does not use effective means such as code obfuscation, packing (shelling) and debugger or emulator detection to resist static analysis and dynamic debugging.
There is no integrity and authenticity check at software installation, startup or update to resist tampering or hijacking, so users' sensitive information is easily obtained illegally during use.
2.
The security monitoring of mobile client application channels is insufficient.
There are four main reasons for the security risks of mobile Internet medical application channels: first, most operators have no means of identifying counterfeit and pirated copies of their mobile client software; second, because different channels publish at different times, several versions circulate at once and users may download a version with known security vulnerabilities;
third, most mobile client software is not security-hardened, which exposes users to risk; fourth, the lack of channel management and technical detection of mobile client software allows counterfeit or tampered applications to persist.
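As an added example (not from the article or any product it describes), the following Go program shows the integrity and authenticity check that the previous two sections say is missing at installation and update, and the counterfeit and tampered-copy detection that operators lack: the client pins the publisher's Ed25519 public key, verifies the signed release manifest before parsing it, refuses downgrades to an older version, and checks the package digest. The manifest format, package name and in-memory key handling are assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest is what the release pipeline publishes next to each client build.
// The field names are illustrative, not any real app store's format.
type Manifest struct {
	Package string `json:"package"`
	Version int    `json:"version"`
	SHA256  string `json:"sha256"`
}

// Verifier holds the only two things the client must trust: the publisher's
// public key compiled into the binary (never fetched from a channel) and the
// version currently installed, so a downgrade to a vulnerable build is refused.
type Verifier struct {
	PublisherKey     ed25519.PublicKey
	InstalledVersion int
}

// Verify checks authenticity (signature), freshness (no downgrade) and
// integrity (digest), in that order; the manifest is not parsed until the
// signature over its raw bytes has been accepted.
func (v Verifier) Verify(manifestJSON, sig, pkg []byte) (Manifest, error) {
	var m Manifest
	if !ed25519.Verify(v.PublisherKey, manifestJSON, sig) {
		return m, errors.New("manifest signature invalid: not signed by the pinned publisher")
	}
	if err := json.Unmarshal(manifestJSON, &m); err != nil {
		return m, fmt.Errorf("manifest malformed: %w", err)
	}
	if m.Version <= v.InstalledVersion {
		return m, fmt.Errorf("downgrade refused: manifest version %d, installed %d", m.Version, v.InstalledVersion)
	}
	sum := sha256.Sum256(pkg)
	if subtle.ConstantTimeCompare([]byte(hex.EncodeToString(sum[:])), []byte(m.SHA256)) != 1 {
		return m, errors.New("package digest mismatch: file tampered or substituted")
	}
	return m, nil
}

// SignManifest is the release-pipeline side: serialize, then sign the bytes.
func SignManifest(priv ed25519.PrivateKey, m Manifest) (manifestJSON, sig []byte, err error) {
	manifestJSON, err = json.Marshal(m)
	if err != nil {
		return nil, nil, err
	}
	return manifestJSON, ed25519.Sign(priv, manifestJSON), nil
}

// Demo builds one genuine release plus three attacks on it and returns the
// verifier's verdict for each case. All package bytes are constructed samples.
func Demo() map[string]error {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)

	pkg := []byte("constructed sample client build, version 7")
	sum := sha256.Sum256(pkg)
	m := Manifest{Package: "com.example.hospitalapp", Version: 7, SHA256: hex.EncodeToString(sum[:])}
	manifestJSON, sig, _ := SignManifest(priv, m)

	client := Verifier{PublisherKey: pub, InstalledVersion: 6}
	results := map[string]error{}

	_, results["genuine"] = client.Verify(manifestJSON, sig, pkg)

	// Repackaged client from an unofficial channel: the digest no longer matches.
	_, results["tampered package"] = client.Verify(manifestJSON, sig, append([]byte("trojan:"), pkg...))

	// Counterfeit publisher signs a self-consistent manifest for its own package with its own key.
	trojan := []byte("constructed counterfeit build")
	tsum := sha256.Sum256(trojan)
	fakeJSON, fakeSig, _ := SignManifest(attackerPriv, Manifest{Package: m.Package, Version: 8, SHA256: hex.EncodeToString(tsum[:])})
	_, results["counterfeit publisher"] = client.Verify(fakeJSON, fakeSig, trojan)

	// Replay of an older, genuinely signed but vulnerable release to a client already on version 7.
	_, results["downgrade"] = Verifier{PublisherKey: pub, InstalledVersion: 7}.Verify(manifestJSON, sig, pkg)

	return results
}

func main() {
	for name, err := range Demo() {
		fmt.Printf("%-22s -> %v\n", name, err)
	}
}
```

The order of checks matters: the signature is verified over the raw bytes before any JSON parsing, so a malformed or hostile manifest is never fed to the parser, and the version check runs before the (comparatively cheap) digest so that a genuinely signed old build cannot be replayed onto a patched client.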
3.
The authentication-authorization-audit security mechanism is weak.
At present, most mobile Internet medical systems have imperfect or even missing authentication, authorization and audit, which aggravates the impact of data leakage.
In terms of authentication, most systems adopt single-factor "user name + password" authentication and tolerate weak passwords, which criminals crack or guess easily with tools, so identity credentials are stolen.
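An added example, not from the article, of the two controls this paragraph points to: a password screen that rejects weak passwords before they are set (length, a blocklist and a context check rather than composition rules), and a second factor so that "user name + password" alone no longer logs a user in. The server stores only a salted PBKDF2 verifier and verifies RFC 6238 TOTP codes with a one-step skew window. The blocklist, length rule and iteration count are assumptions; the TOTP routine can be checked against the test vectors published in RFC 4226 and RFC 6238.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
	"strings"
)

// Constructed sample of top-of-wordlist passwords; a real deployment screens
// against a full breached-password corpus.
var commonPasswords = map[string]bool{"123456": true, "password": true, "12345678": true,
	"qwerty123": true, "admin123": true, "doctor123": true, "hospital2024": true}

// CheckPassword rejects what a cracking tool tries first: short passwords, ones
// on the blocklist, and ones built around the username.
func CheckPassword(username, pw string) error {
	if len(pw) < 12 {
		return fmt.Errorf("too short (%d chars, minimum 12)", len(pw))
	}
	lower := strings.ToLower(pw)
	if commonPasswords[lower] {
		return fmt.Errorf("on the common-password list")
	}
	if strings.Contains(lower, strings.ToLower(username)) {
		return fmt.Errorf("contains the username")
	}
	return nil
}

// pbkdf2SHA256 derives a 32-byte verifier (RFC 8018, one output block) so a
// stolen user table yields slow-to-crack hashes, not passwords.
func pbkdf2SHA256(pw, salt []byte, iters int) []byte {
	prf := hmac.New(sha256.New, pw)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // block index INT(1)
	u := prf.Sum(nil)
	out := append([]byte(nil), u...)
	for i := 1; i < iters; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

// hotp is RFC 4226: HMAC-SHA1 over the big-endian counter, dynamic truncation,
// then the low `digits` decimal digits.
func hotp(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)
	off := h[len(h)-1] & 0x0f
	code := binary.BigEndian.Uint32(h[off:off+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// TOTP is RFC 6238 with the standard 30-second step.
func TOTP(secret []byte, unixTime int64, digits int) string {
	return hotp(secret, uint64(unixTime/30), digits)
}

// VerifyTOTP accepts the current step and one either side for clock skew, in
// constant time. Refusing a step already used (replay) is the session store's job.
func VerifyTOTP(secret []byte, unixTime int64, code string) bool {
	for step := unixTime/30 - 1; step <= unixTime/30+1; step++ {
		if step >= 0 && subtle.ConstantTimeCompare([]byte(hotp(secret, uint64(step), 6)), []byte(code)) == 1 {
			return true
		}
	}
	return false
}

// Account is what the server stores: never the password, only salt + verifier,
// plus the TOTP seed (in practice kept in an HSM or an encrypted column).
type Account struct{ Salt, Verifier, TOTPSecret []byte }

const kdfIters = 100000

func NewAccount(username, pw string, totpSecret []byte) (Account, error) {
	if err := CheckPassword(username, pw); err != nil {
		return Account{}, err
	}
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return Account{}, err
	}
	return Account{salt, pbkdf2SHA256([]byte(pw), salt, kdfIters), totpSecret}, nil
}

// Login is the two-factor decision; both factors are always evaluated so the
// response time does not reveal which one failed.
func Login(a Account, pw, code string, now int64) bool {
	pwOK := subtle.ConstantTimeCompare(pbkdf2SHA256([]byte(pw), a.Salt, kdfIters), a.Verifier) == 1
	return VerifyTOTP(a.TOTPSecret, now, code) && pwOK
}

func main() { fmt.Println(TOTP([]byte("12345678901234567890"), 59, 6)) }
```

With the RFC 6238 test secret (the ASCII string "12345678901234567890") the code for Unix time 59 is 287082 and for 1111111109 it is 081804, which is the quickest way to confirm a TOTP implementation before wiring it to a real authenticator app.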
In terms of authorization, most systems do not assign users the minimum permissions their tasks need: permission granularity is too coarse, the access rights of default accounts are not restricted, and account permissions are not revoked in time, so unauthorized users can reach system functions or data.
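An added example (not the article's) of the authorization model the paragraph describes by its absence: narrow roles, grants that expire and can be revoked at once, a default account that ships disabled, and an object-level check so that "may read records" never means "may read any record". The roles, users and record identifiers are constructed for the example.

```go
package main

import (
	"fmt"
	"time"
)

// Permission is the finest unit that is granted: one action on one resource type.
type Permission struct{ Action, Resource string }

// Roles are deliberately narrow. The system administrator manages accounts but
// holds no permission on clinical records at all.
var roles = map[string][]Permission{
	"physician": {{"read", "record"}, {"write", "record"}, {"write", "prescription"}},
	"nurse":     {{"read", "record"}},
	"patient":   {{"read", "record"}},
	"billing":   {{"read", "invoice"}},
	"sysadmin":  {{"manage", "user"}},
}

// Grant binds a user to a role until an expiry. An expired grant is a revoked
// grant, so access ends on time even when offboarding paperwork is late.
type Grant struct {
	Role    string
	Expires time.Time
}

type User struct {
	ID      string
	Enabled bool
	Grants  []Grant
}

// Record is clinical data. Patient and CareTeam drive the object-level check:
// holding "read record" says nothing about which records.
type Record struct {
	Patient  string
	CareTeam map[string]bool
}

type Authorizer struct {
	Users   map[string]*User
	Records map[string]*Record
	Now     func() time.Time
}

func (a Authorizer) hasPermission(u *User, p Permission) bool {
	for _, g := range u.Grants {
		if !g.Expires.After(a.Now()) {
			continue // expired or revoked
		}
		for _, q := range roles[g.Role] {
			if q == p {
				return true
			}
		}
	}
	return false
}

// Can decides whether userID may perform action on one specific record.
// Function-level permission is necessary but not sufficient: the user must also
// be the patient or on that patient's care team.
func (a Authorizer) Can(userID, action, recordID string) (bool, string) {
	u, ok := a.Users[userID]
	if !ok || !u.Enabled {
		return false, "unknown or disabled account"
	}
	r, ok := a.Records[recordID]
	if !ok {
		return false, "no such record"
	}
	if !a.hasPermission(u, Permission{action, "record"}) {
		return false, "role grants no " + action + " on records"
	}
	if r.Patient != userID && !r.CareTeam[userID] {
		return false, "not the patient and not on the care team"
	}
	return true, "allowed"
}

// Revoke ends every grant immediately; the very next request is denied.
func (a Authorizer) Revoke(userID string) {
	if u := a.Users[userID]; u != nil {
		for i := range u.Grants {
			u.Grants[i].Expires = a.Now()
		}
	}
}

// NewDemo builds a constructed hospital: two clinicians, a patient, a billing
// clerk and the vendor's default "admin" account, which ships disabled.
func NewDemo(now time.Time) Authorizer {
	year := now.Add(365 * 24 * time.Hour)
	return Authorizer{
		Now: func() time.Time { return now },
		Users: map[string]*User{
			"dr.li":      {ID: "dr.li", Enabled: true, Grants: []Grant{{"physician", year}}},
			"nurse.zhao": {ID: "nurse.zhao", Enabled: true, Grants: []Grant{{"nurse", year}}},
			"p-7":        {ID: "p-7", Enabled: true, Grants: []Grant{{"patient", year}}},
			"billing1":   {ID: "billing1", Enabled: true, Grants: []Grant{{"billing", year}}},
			"admin":      {ID: "admin", Enabled: false, Grants: []Grant{{"sysadmin", year}}},
		},
		Records: map[string]*Record{
			"rec-1001": {Patient: "p-7", CareTeam: map[string]bool{"dr.li": true}},
			"rec-1002": {Patient: "p-8", CareTeam: map[string]bool{"nurse.zhao": true}},
		},
	}
}

func main() { fmt.Println(NewDemo(time.Now()).Can("dr.li", "read", "rec-1002")) }
```

The case that matters most for medical data is the second check in Can: a physician with a legitimate "read record" permission asking for a record of a patient they do not treat is refused, which is exactly the request a coarse, function-level permission model would let through.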
In terms of security auditing, mobile Internet medical systems are weaker still: they provide no audit of high-frequency logins, batch logins or use of key data, and some lack even basic logging, so potential security incidents can be neither prevented nor traced afterwards.
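An added example, not part of the article, of the three audit functions the paragraph says are missing, run over a constructed log: high-frequency login failures against one account, batch login attempts from one address across many accounts, and bulk use of key data. The log format, the field names and the thresholds are assumptions made for the example.

```go
package main

import (
	"fmt"
	"sort"
	"strconv"
	"strings"
	"time"
)

// Constructed sample of the audit trail a system should emit: one line per
// login attempt or export of records. Not any real product's log format.
const sampleLog = `2024-03-05T08:00:01Z login ok user=dr.li ip=10.1.4.20
2024-03-05T08:00:03Z login fail user=nurse.zhao ip=198.51.100.7
2024-03-05T08:00:04Z login fail user=nurse.zhao ip=198.51.100.7
2024-03-05T08:00:05Z login fail user=nurse.zhao ip=198.51.100.7
2024-03-05T08:00:06Z login fail user=nurse.zhao ip=198.51.100.7
2024-03-05T08:00:07Z login fail user=nurse.zhao ip=198.51.100.7
2024-03-05T08:01:10Z login fail user=admin ip=203.0.113.9
2024-03-05T08:01:11Z login fail user=dr.wang ip=203.0.113.9
2024-03-05T08:01:12Z login fail user=dr.chen ip=203.0.113.9
2024-03-05T08:01:13Z login ok user=billing1 ip=203.0.113.9
2024-03-05T08:05:00Z export ok user=dr.li ip=10.1.4.20 records=12
2024-03-05T08:06:00Z export ok user=billing1 ip=203.0.113.9 records=400
2024-03-05T08:07:30Z export ok user=billing1 ip=203.0.113.9 records=350`

type Event struct {
	T        time.Time
	Kind     string // login | export
	Result   string // ok | fail
	User, IP string
	Records  int // rows returned by an export
}

// Finding is one alert: the rule that fired and the account or address it concerns.
type Finding struct{ Rule, Key string }

func parse(line string) (Event, bool) {
	f := strings.Fields(line)
	if len(f) < 3 {
		return Event{}, false
	}
	t, err := time.Parse(time.RFC3339, f[0])
	if err != nil {
		return Event{}, false
	}
	e := Event{T: t, Kind: f[1], Result: f[2]}
	for _, kv := range f[3:] {
		switch k, v, _ := strings.Cut(kv, "="); k {
		case "user":
			e.User = v
		case "ip":
			e.IP = v
		case "records":
			e.Records, _ = strconv.Atoi(v)
		}
	}
	return e, true
}

// Analyze applies three audit rules, each as a window looking back from the
// current event: 5+ failed logins for one account within 60 s, 4+ distinct
// accounts tried from one address within 60 s, and 500+ records exported by
// one account within 10 min. Malformed lines are skipped.
func Analyze(logText string) map[Finding]bool {
	var evs []Event
	for _, line := range strings.Split(strings.TrimSpace(logText), "\n") {
		if e, ok := parse(line); ok {
			evs = append(evs, e)
		}
	}
	sort.Slice(evs, func(i, j int) bool { return evs[i].T.Before(evs[j].T) })
	found := map[Finding]bool{}
	for i, e := range evs {
		fails, exported, accounts := 0, 0, map[string]bool{}
		for _, p := range evs[:i+1] {
			age := e.T.Sub(p.T)
			if p.Kind == "login" && age <= time.Minute {
				if p.User == e.User && p.Result == "fail" {
					fails++
				}
				if p.IP == e.IP {
					accounts[p.User] = true
				}
			}
			if p.Kind == "export" && p.User == e.User && age <= 10*time.Minute {
				exported += p.Records
			}
		}
		if e.Kind == "login" && fails >= 5 {
			found[Finding{"high-frequency login failures", e.User}] = true
		}
		if e.Kind == "login" && len(accounts) >= 4 {
			found[Finding{"batch login attempts from one address", e.IP}] = true
		}
		if e.Kind == "export" && exported >= 500 {
			found[Finding{"bulk record export", e.User}] = true
		}
	}
	return found
}

func main() { fmt.Println(Analyze(sampleLog)) }
```

On the sample, nurse.zhao trips the high-frequency rule (five failures in four seconds), 203.0.113.9 trips the batch rule (four different accounts in three seconds, the last attempt succeeding), and billing1 trips the bulk-export rule (750 records in ninety seconds). None of these fires on the single clean login or the 12-record export, which is what keeps the rules usable in production.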
4.
Security protection mechanisms and measures for the life cycle of medical and health data are inadequate.
The data life cycle comprises five stages: collection, transmission, storage, use and destruction.
Strengthening security management across the whole life cycle effectively reduces the risk of data disclosure.
At present, most medical institutions lack the corresponding security management measures.
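An added example (not from the article) for the storage, use and destruction stages of that life cycle: each patient's records are encrypted under a key of their own, reads fail closed when a blob has been altered, and destruction is done by crypto-shredding, that is by deleting the key so that every copy of the ciphertext, including backups the operator cannot reach, becomes unreadable at once. The in-memory key map stands in for a KMS or HSM and is an assumption of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Store keeps one data-encryption key per patient apart from the ciphertext. In
// production the keys sit in a KMS or HSM, never beside the records; here both
// are in-memory maps (an assumption) so the example runs stand-alone.
type Store struct {
	keys  map[string][]byte
	blobs map[string][][]byte
}

func NewStore() *Store {
	return &Store{keys: map[string][]byte{}, blobs: map[string][][]byte{}}
}

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Save is the storage stage: AES-256-GCM under the patient's own key, with the
// patient ID as associated data so a blob cannot be re-filed under someone else.
func (s *Store) Save(patient string, record []byte) error {
	key, ok := s.keys[patient]
	if !ok {
		key = make([]byte, 32)
		if _, err := rand.Read(key); err != nil {
			return err
		}
		s.keys[patient] = key
	}
	g, err := gcm(key)
	if err != nil {
		return err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	s.blobs[patient] = append(s.blobs[patient], g.Seal(nonce, nonce, record, []byte(patient)))
	return nil
}

// Load is the use stage; it fails closed when the key is gone or a blob was altered.
func (s *Store) Load(patient string) ([][]byte, error) {
	key, ok := s.keys[patient]
	if !ok {
		return nil, errors.New("no key for patient: data destroyed or never stored")
	}
	g, err := gcm(key)
	if err != nil {
		return nil, err
	}
	var out [][]byte
	for _, blob := range s.blobs[patient] {
		n := g.NonceSize()
		if len(blob) < n {
			return nil, errors.New("corrupt blob")
		}
		pt, err := g.Open(nil, blob[:n], blob[n:], []byte(patient))
		if err != nil {
			return nil, fmt.Errorf("integrity check failed: %w", err)
		}
		out = append(out, pt)
	}
	return out, nil
}

// Destroy is the destruction stage by crypto-shredding: zero and drop the key,
// so every copy of the ciphertext, including backups the operator cannot reach,
// becomes unreadable at once. The blobs are deliberately left in place.
func (s *Store) Destroy(patient string) {
	if k, ok := s.keys[patient]; ok {
		for i := range k {
			k[i] = 0
		}
		delete(s.keys, patient)
	}
}

// Retained reports how many ciphertext blobs still exist for a patient.
func (s *Store) Retained(patient string) int { return len(s.blobs[patient]) }

func main() {
	s := NewStore()
	_ = s.Save("p-7", []byte("constructed record: dx hypertension"))
	before, _ := s.Load("p-7")
	s.Destroy("p-7")
	_, after := s.Load("p-7")
	fmt.Printf("before: %q\nafter: %v, blobs retained: %d\n", before, after, s.Retained("p-7"))
}
```

Keeping the key per patient rather than per table is what makes destruction selective: one patient's data can be erased on request without touching anyone else's, and the ciphertext left on disks, in replicas and in backups needs no further cleanup.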


