13.9 C
Tuesday, May 17, 2022

‘Smart’ operating systems in aged care facilities are proving a godsend, but with tech-enhanced convenience and efficiency comes increased risk

Must read

Technological advances open a world of new opportunities, but never without some form of risk.

And in 2022, with life becoming more and more dependent upon digitised systems, there is much work to be done in securing both personal and nation-wide digital infrastructure.

Last year, the technological vulnerabilities of aged care systems was exposed, as two Brisbane aged care facilities were successfully targeted in cyber attacks.

UnitingCare Queensland facilities, including the Wesley and St Andrews War Memorial Hospitals, were forced to temporarily revert to manual systems in March 2021, after an external hacking group, REvil/Sodin, took hold of their IT systems.

The Russian hacking group, infamous for utilising a type of malware that encrypts files and demands a ransom to unlock them, prevented the facilities from accessing vital patient information, including pathology results such as x-rays.

Later in the year, another disturbing vulnerability was unearthed: national data platforms, including the Australian Immunisation Register and the Medicare and Pharmaceutical Benefits Scheme portals, were identified as at risk.

This is due to the system’s reliance on the  ‘Log4j Java system’, a vital component required to record information within operating systems.

As the Australian Industry (AI) Group explains, a large number of apps may be vulnerable, affecting individuals, businesses and business supply chains. 

“A hole in their defences could allow malicious actors to create malicious ‘logs’ which could take control of computer systems and data,” an AI spokesperson says.

Hank Jongen, Services Australia general manager, says that whilst no successful breaches have happened to date, authorities are staying vigilant.

“We’re not aware of any data being exposed by third party vendors and we continue to actively work with developers to transition.”

Hank Jongen, general manager of Services Australia, say that although their system has not been hacked to date, authorities are remaining vigilent.

However, a lack of active attackers does not necessarily mean that breaches are not afoot.

Digital intruders often bide their time, hiding deep inside software systems and lurking there for years.

Stuart Robert, federal minister for employment, has encouraged all businesses to take the issue seriously. 

“It is a serious virus, serious piece of malware,” he says.

“I’ve been encouraging all businesses at a degree of urgency to ensure their servers, especially their web servers and any of their remote access through MobileIron, are appropriately patched, and they should be doing it now.”

Australian companies, universities and all aspects of government have been warned to, at the very least, take basic steps to scan and upgrade software to protect themselves.

I’ve been encouraging all businesses at a degree of urgency to ensure their servers, especially their web servers and any of their remote access through MobileIron, are appropriately patched, and they should be doing it now.

Federal minister for employment, Stuart Robert

Services Australia is now working closely with the Australian Cyber Security Centre on the evolving threat.

“Services Australia will continue to implement mitigation and detection recommendations as advised by the ACSC,” Jongen says.

“The ACSC are working with all vendors to ensure that Log4j vulnerabilities are identified and mitigated.”

Researchers on the front foot against future cyber attacks

The implicated logging system also happens to be a software component present in applications used by millions of Australians on their work and home computers, phones, and seemingly secure apps.

It is increasingly becoming relevant as Australians take up new ‘Internet of Things’ technology – smart devices that are autonomous and linked to the internet – such as smart speakers, smart locks etc.

But researchers have taken to the task of ensuring our 5G future is as safe as possible.

Professor Jianming Yong, a University of Southern Queensland cyber security and privacy preservation expert, warns that the convenience these smart devices provide “can come at a cost”.

“The more smart devices you have connected to a network, the more ways your stored information and data can be stolen or leaked by hackers without any warning,” he says.

“A hacker can install an app to a smart phone to steal all sensitive data or personal information from the smart phone, and then demand a ransom.” 

“[Therefore], the importance of new and more advanced privacy preservation protocols is more critical than ever.”

Professor Jianming Yong, from the University of Southern Queensland, says that advanced privacy protections are more critical than ever as we advance into the 5G age.

Thankfully, Yong and fellow University of Southern Queensland researcher Associate Professor Xiaohui Tao, have begun research into improving privacy mechanism in smart devices.

The team are doing so thanks to a three-year, $347,000 Australian Research Council (ARC) Discovery Projects grant.

“Our research is about all smart devices, not only for personal use but also for organisations like government and aged car homes as long as smart devices are used,” Yong tells Aged Care News.

Yong and Tao will collaborate with Professor Yuefeng Li from the Queensland University of Technology to develop artificial-intelligence-powered tools and methods.

These tools will then be used to identify gaps in existing privacy presentation techniques, informing the development of brand new privacy preservation systems, fit for the 5G-enabled environment.

“Using cutting edge AI technology, such as deep learning, we hope to gain an insightful understanding of privacy preservation protocols within a 5G integrated IoT domain,” Yong says.

“This will allow us to create accurate and reliable privacy preservation protocols for different interconnected smart devices that takes into consideration personalised communication privacy demands.”

For anyone concerned in the meantime, Yong tells Aged Care News that careful attention to your device’s privacy settings can go a long way.

“They can simply check on their smart devices’ security and privacy configuration on the system’s settings and configure their security and privacy settings in a way which they prefer.”

The Australian Cyber Security Centre provides detailed instructions on how to do this, via this link.

With Marion Ray – AAP

- Advertisement -

Leave a Reply

Latest article

- Advertisement -
Thank you! Your subscription has been confirmed. You'll hear from us soon.
Email newsletter sign-up