How efficient compu...
 
Notifications
Clear all

How efficient computer forensics

10 Posts
7 Users
0 Likes
401 Views
(@linda)
Posts: 3
New Member
Topic starter
 

I work at one institutional hospital as a medical record officer. Recently everyone talks about internet of thing(iot) and also change environment of managing medical record from paper to electronic.

I already doing the benchmark at another hospital that apply Electronic Medical Record(EMR) and knowing that EMR is more efficient than using paper. Unfortunately, the future challenge that we need to face when use fully EMR is prone to cyber crime such as attacking unknown virus from outsider.

But how efficient computer forensic help in solve the problem when medical data invaded by someone?

Please anyone explain to me to make it clear.

 
Posted : 21/05/2018 7:11 am
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

But how efficient computer forensic help in solve the problem when medical data invaded by someone?

Please anyone explain to me to make it clear.

It is absolutely inefficient.

Computer Forensics happens only AFTER an incident happened.

The scope is to find out
WHO invaded the medical data
WHEN the medical data was invaded
HOW that happened

Of course from the HOW a past incident happened you can learn how not to make that particular incident happen again, but nothing more than that.

You are looking for other fields, data and network protection, operating systems hardening, penetration testing, etc.

jaclaz

 
Posted : 21/05/2018 9:11 am
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

But how efficient computer forensic help in solve the problem when medical data invaded by someone?

The answer is, it depends.

As has been pointed out, computer forensics is reactionary, but to answer your question, it depends upon how systems were set up. Many computer systems and applications are capable of logging significant data, but as an incident responder, I have rarely seen an instance in the private sector where systems were configured to meet the needs of a computer forensic investigation.

Ideally, what you'd want to do is start by protecting the information as best as possible…role based access, permissions, etc. If the information is in a database, do not allow direct access to the data; instead, require that all data requests go through a stored procedure that logs the request, etc.

Then, enable logging of those items that will help you "solve the problem".

 
Posted : 21/05/2018 12:38 pm
MDCR
 MDCR
(@mdcr)
Posts: 376
Reputable Member
 

But how efficient computer forensic help in solve the problem when medical data invaded by someone?

Well, if the patient dies because someone decided to alter the prescription… not much. IT-forensics does nothing to prevent incidents, except to let you learn from it so it (probably) wont happen again.

In my book, forensics should be part of an IR team, threat hunting, pentesting, security engineering that all work together around a security operation center. That is my definition and it is far away from the more common perception of "let's hire a bunch of monkeys who sit and stair at logs".

There are ways to increase an organisations resilience to incidents, but it does not involve writing word documents. You need backups, integrity checking, dual sign off (etc). Practical hands on preventive work and redundancy to prevent a nightmare for patients because some IT incident happened.

Just look at what happened at the NHS when the ransomware hit about a year ago, patients had their surgery cancelled because systems were down, and no (pardon my choice of language but what happened back then still pisses me off) f–king paperwork could have stopped that.

So stop hiring compliance monkeys and start fixing IT-security for real. Compliance is the lowest form of mandatory security, it's the equivalence of a "one size fits all" sock. To get a reasonable degree of security you should have a team of security people working continuously on upping the game against real adversaries (pentesters can help, but they are not what you are up against).

It may be a bit to take in, but IT-security isn't a beginners game and security has been a low priority pretty much everywhere in the world up to now.

 
Posted : 21/05/2018 5:02 pm
Bunnysniper
(@bunnysniper)
Posts: 257
Reputable Member
 

Please anyone explain to me to make it clear.

Again a student from Malaysia, who tries to get answers for his or her study related homework. And again she tried it first at "ComputerForensicWorld" without success. I am not sure she is a female, it is more likely that even name and sex are fake.

 
Posted : 21/05/2018 6:36 pm
(@athulin)
Posts: 1156
Noble Member
 

Again a student from Malaysia, …

I even seem to remember someone asking something fairly close to this question last year. Let's see … yes, NadiaH.

May not even be a student … may be someone trying to find and sell 'the right answer' of the year to students.

I wonder … could we smuggle in some strange word into an answer, which a clueless cheater would not detect, but which might tell an examiner that this is not above board? A kind of canary? We could stress the importance of pandiculation in professional forensic work, perhaps? (No, too obvious … it shouldn't be that susceptible to googling …)

(Dashiell Hammet did that with one or two of his detective stories – used one obvious word that he expected his editor to see, and remove as offensive, and another that seemed innocuous, was less amenable to detection by clueless editors, and that would remain and light up the lives of future non-clueless readers … See https://www.miskatonic.org/gooseberry.html for some literary forensic work. -)

 
Posted : 21/05/2018 6:58 pm
Bunnysniper
(@bunnysniper)
Posts: 257
Reputable Member
 

Again a student from Malaysia, …

I even seem to remember someone asking something fairly close to this question last year. Let's see … yes, NadiaH.

This time i did not step into the case D
But last time i did and gave a quite comprehensive answer.

 
Posted : 21/05/2018 7:11 pm
(@linda)
Posts: 3
New Member
Topic starter
 

Thank you for the feedback and response. I am a student and also work at one hospital which is want to change from paper to EMR and digital record. My lecture mention about CF but i not clear with that, so i want to know how efficient CF in handling data invaded by someone as prevention action.

 
Posted : 22/05/2018 1:35 am
(@jahearne)
Posts: 35
Eminent Member
 

(Dashiell Hammet did that with one or two of his detective stories – used one obvious word that he expected his editor to see, and remove as offensive, and another that seemed innocuous, was less amenable to detection by clueless editors, and that would remain and light up the lives of future non-clueless readers … See https://www.miskatonic.org/gooseberry.html for some literary forensic work. -)

Love Dasheil Hammet's work! I've also been reading a lot of Raymond Chandler's stuff and a bit of Ian Flemming, too.

 
Posted : 22/05/2018 5:51 pm
(@linda)
Posts: 3
New Member
Topic starter
 

(Dashiell Hammet did that with one or two of his detective stories – used one obvious word that he expected his editor to see, and remove as offensive, and another that seemed innocuous, was less amenable to detection by clueless editors, and that would remain and light up the lives of future non-clueless readers … See https://www.miskatonic.org/gooseberry.html for some literary forensic work. -)

Love Dasheil Hammet's work! I've also been reading a lot of Raymond Chandler's stuff and a bit of Ian Flemming, too.

Thank you

 
Posted : 23/05/2018 12:35 am
Share: