Risk Analysis and Countermeasure Suggestions for Hospital Near-source Cyber-attacks
10.3969/j.issn.1673-6036.2024.09.014
- VernacularTitle:医院近源网络攻击风险分析及对策建议
- Author:
Xiaoyang MENG
1
;
Wei YANG
;
Nan ZHANG
;
Guoqiang SUN
Author Information
1. 北京协和医院 北京 100730
- Keywords:
hospital cyber security;
cyber-attack/defense;
penetration testing;
near-source cyber-attack
- From:
Journal of Medical Informatics
2024;45(9):87-90
- CountryChina
- Language:Chinese
-
Abstract:
Purpose/Significance To analyze the risks of near-source cyber-attacks faced by hospitals,and to propose counter-measures.Method/Process Combined with practical work experience,the risk analysis of hospital network architecture,on-site physi-cal environment,personnel behavior and other aspects is carried out from the perspective of near-source cyber-attacker.Then,from the perspective of defender and in combination with regulatory requirements and technical practices,countermeasures and suggestions are proposed.Result/Conclusion 5 main risks are identified,including wireless LAN cracking,exposed wired network sockets,improper configuration of self-service machines,poisoning & phishing,and sensitive information leakage.5 preventive suggestions are put for-ward,including strengthening Wi-Fi management,full coverage of network terminal access,multi-department collaboration in self-service device management,disabling mobile storage media on Intranet terminals,and updating cyber-security education.
