The Shellshock Bug: What You Need to Know

Written by Ronny Bachrach on October 7, 2014. Posted in Digital Radiography and PACS, PACS, Software

Earlier this year, the technology world was struck by the Heartbleed Bug, which threatened the digital security of countless industries, including medical imaging. Now, a new security bug is causing considerable panic among IT managers around the globe.

The Shellshock security bug was discovered inside a piece of software called Bash, which is used by Apple's Mac operating systems and Internet servers that governments rely on, The Independent reported. It allows hackers to control countless devices all over the world and has existed for more than 20 years, threatening millions of security infrastructures that belong to institutions like banks and the military.

It carries one of the highest possible threat ratings for its potential impact on security and how it can exploit various settings on any platform. The U.S. National Cyber Security Division gave Shellshock a 10 out of 10 score for severity and a low complexity rating, meaning it is easy for hackers to implement the code and infiltrate security systems. This is especially troubling as many industrial control systems rely on Bash software, including power plants and traffic lights.

However, the most dangerous aspect of Shellshock is that it targets servers, rather than individuals. For patients, this means that hackers could break through hospitals' and private practices' security to access personal information stored on PACS or electronic health records, like birth dates, addresses and Social Security data.

Why it is different from Heartbleed
According to The Washington Post, Shellshock was discovered on Sept. 12, 2014, by Unix specialist Stephane Chazelas. The software is also built into 70 percent of machines that connect to the Internet. While Heartbleed caused substantial panic back in April, it was rated 5 for severity, compared to Shellshock's 10.

In addition, Heartbleed revealed cracks in security technology used by websites, which led to exposed passwords and other personal data. On the other hand, Shellshock exploits flaws in hardware to the point where hackers can hijack computers and other devices to control Web servers. This would make it considerably easier for malicious users to steal sensitive and personal data from any number of institutions. What also makes Shellshock particularly dangerous is that it is "wormable," which means it can self-replicate and spread across devices like a disease. This is especially threatening to health systems where the enterprise shares connectivity to databases full of digital imaging results and other clinical data.

Shellshock is far more threatening than Heartbleed due to its targeting of servers. Existing for over two decades, it makes many large organizations particularly vulnerable to extensive attacks from hackers with knowledge of the bug's complexities. They can execute commands on devices once they have taken over, putting the storage of personal information at risk of leaking.

Health care providers working in diagnostic radiology should take serious steps to ensure the security of patients' data. Collaborating with health IT administrators, leaders need to review their systems and look for any potential flaws that can be exploited by hackers. In addition, they have to contact their software vendors to check for any incoming updates to their products that fortify defenses against Shellshock.

Contact Viztek for more information.

Ronny Bachrach

Marketing Director at Viztek LLC
Responsible for all marketing activities, including press, advertising, trade show coordination, website management, and dealer and customer communications.