Risk Analysis and Countermeasure Suggestions for Hospital Near-Source Cyber-Attacks

Corresponding author: Meng Xiao Yang, mengxy@pumch.cn

DOI: 10.12201/bmr.202406.00008

•  

  Abstract: Basing on practical work experience, this article first analyzes the risks from the perspective of a near-source network attacker, considering factors such as the hospitals network architecture, on-site physical environment, and personnel behavior. Then, from the defenders perspective and in combination with regulatory requirements and technical practices, countermeasures and suggestions are proposed. Five main risks were identified, including wireless LAN cracking, exposed wired network sockets, improper configuration of self-service machines, poisoning & phishing, and sensitive information leakage. Five preventive suggestions were given, including strengthening wireless Wi-Fi management, full coverage of networked terminal access, multi-departmental collaboration to manage self-service equipment, disabling mobile storage media for internal network terminals, and updating cyber-security education.Compared with traditional internet attacks, near-source cyber-attacks are more covert and difficult to prevent, especially in hospitals.

  Key words: hospital cyber-security,cyber-attack/defense,penetration testing, near-source cyber-attack

  Submit time: 7 June 2024

  Copyright: The copyright holder for this preprint is the author/funder, who has granted biomedRxiv a license to display the preprint in perpetuity.
• html

• 图表

• LI Zhi-yi, XIAO Yong, SHEN Shaowu. Analysis and reflection on the current situation of network security construction in Hubei Traditional Chinese Medicine Hospital. 2023. doi: 10.12201/bmr.202312.00014

  renzijia, xiaoyong. Analysis and reflection on the current situation of network security in Chinese medicine hospitals in China,REN Zi-jian, XIAO Yong, SHEN Shao-wu, TIAN Shuang-gui , TIAN Shuang-gui, Hubei University of Chinese Medicine, Wuhan 430065, China. 2021. doi: 10.12201/bmr.202101.00006

  SUN Bao-feng, ZHANG Wei-yi, YANG Yang, LI Yu-hong. Practice of cybersecurity risk management in large hospitals based on a situational awareness platform. 2024. doi: 10.12201/bmr.202408.00065

  zangqiu, wang chun liang. Practice of Optimization Scheme of Hospital Network Security Under Security Level Protection. 2021. doi: 10.12201/bmr.202107.00010

  xiaoyong. The course and Prospect of network security construction of Traditional Chinese Medicine Hospital in China. 2021. doi: 10.12201/bmr.202108.00001

  XU Hao, LI Chaofan, ZHANG Mengna, REN Peng, ZHANG Ran. Research and Simulation of Hospital Network Architecture Based on EVE-NG / XU Hao, LI Chao-fan, ZHANG Meng-na, et al // Medical Informatics. 2020. doi: 10.12201/bmr.202004.00033

  GAO Yang, GAO Wen-yue. Research on the cultivation strategy of network information security literacy of medical students from the perspective of big data. 2020. doi: 10.12201/bmr.202004.00030

  ZHANG Li-fang, dong ya li, wang xin, lin chun mei, zhang yan chun, qin jiang mei. The progress and suggestions for sustainable development of community hospital construction. 2022. doi: 10.12201/bmr.202209.00015

  Problems and Countermeasures of“Information Island”in Hospital. 2020. doi: 10.12201/bmr.202007.00010

  You Liping, WangShiyu. Extraction of Adverse Drug Events from Social Media Based on FrameNet Semantic Analysis YOU Liping, WANG Shiyu, LI Chaofan, College of Economics and Management, Shanxi University, Taiyuan 030006, China.. 2022. doi: 10.12201/bmr.202211.00006

• ID	Submit time	Number	Download
  1	2024-03-24	10.12201/bmr.202406.00008V1	Download

• Public  Anonymous  To author only Submit Comments