Securing Healthcare Data in the Cloud: Combating Ransomware and Cyberattacks with Data-Centric Security

Apr 09, 2018 08:00 CST Updated 08:00


With the application of data-driven big data technologies across various industries, data sharing and exchange have brought significant value to enterprises. Leveraging technologies such as big data and cloud computing to manage and utilize customer data has become a core competitive advantage for businesses.


For many emerging healthcare enterprises that rely on the rapid development of the internet and cloud computing, data constitutes their core lifeline. Such data often contains substantial amounts of privacy-sensitive information, including personal details, disease records, health metrics, and clinical data. In the event of a data breach, these enterprises would suffer significant losses.

 

Data Security Concerns in the Emerging Healthcare Sector


Many emerging healthcare enterprises rely on cloud computing. After migrating enterprise data to the cloud, there are numerous concerns regarding data security:


Open multi-tenant cloud environments have failed to effectively resolve traditional data security issues such as hacker attacks, database exfiltration, and SQL injection; instead, these risks have been amplified. Particularly in a multi-tenant setting, ensuring that cloud tenants’ data remains inaccessible to third parties is a critical challenge. Furthermore, resource sharing raises concerns regarding security isolation and the potential for mutual interference among tenants.


Cloud architecture differs from traditional environments and is typically divided into three layers: IaaS, PaaS, and SaaS. Major cloud providers now also offer a DBaaS layer. In each of these layers, certain components are managed by the cloud provider, so users cannot exercise absolute control. The result is a partial or complete loss of control over user data.

 

Challenges of Data Ownership and Regulatory Compliance


Whether enterprise businesses are deployed on public clouds or private clouds, they face a tangible issue: the security challenges related to data ownership and regulatory compliance.


In response to concerns over personal privacy and data risks posed by big data, relevant laws and regulations have been continuously improved. As early as 2011, the National Health and Family Planning Commission issued the Guiding Opinions on Information Security Level Protection in the Health Industry, which stipulated that, in accordance with the national information security level protection system and relevant standards and specifications, the health industry should comprehensively carry out work related to classification filing, construction and rectification, and level assessment for information security level protection. On November 7, 2016, the 24th Session of the Standing Committee of the 12th National People’s Congress formally adopted the Cybersecurity Law of the People’s Republic of China.


Key regulations and standards also include the Multi-Level Protection Scheme (MLPS) for Cybersecurity, the Guidelines for Security Assessment of Outbound Transfer of Important Data, and the Personal Information Protection Law. Medical enterprises or institutions involved in international business are also subject to regulatory frameworks such as the European Union’s General Data Protection Regulation (GDPR). Compliance is increasingly becoming a critical factor affecting cloud data security.


How can data sharing and exchange be achieved while fully protecting sensitive private data? How can malicious theft of customer data by hackers or competitors be prevented? Ensuring that the sharing and exchange of sensitive data complies with regulations, including the requirements of the Multi-Level Protection Scheme (MLPS) and the Cybersecurity Law, has become a core demand in the new healthcare sector.

 

Security Protection for Healthcare Enterprises in the Cloud Era


Traditional solutions primarily implement controls at the application, host, and even network packet levels. However, such protective measures are far from sufficient in today’s landscape.


In January this year, the ransomware incident at Jiangxi Provincial Maternal and Child Health Hospital went viral on social media. The cause was that staff members inadvertently infected their systems with the Ransom_RUSHQL.A ransomware while installing a cracked version of PL/SQL Developer, resulting in the hospital’s servers running at 100% CPU usage throughout the day and the database being locked by the SQL RUSH Team.


Yang Haifeng, Co-founder and CTO of Anhua Jinhe, conducted an in-depth analysis of the incident. He stated that after gaining access through legitimate database connections, the virus implanted high-privilege, auto-executing stored procedures into the hospital’s database system. It then leveraged certain mechanisms within the database system’s execution packages for stored procedures to achieve its attack objectives. This constitutes a composite attack. Once such malicious code is implanted, the resulting damage can be significant, ranging from system paralysis to catastrophic data loss. Traditional security measures are often ineffective against this type of attack, necessitating protective strategies focused specifically on the data layer.
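A data-layer review for the condition described above, as an added example that is not from the original article or from Anhua Jinhe. It assumes an Oracle database (PL/SQL Developer is an Oracle client), read access to the DBA_* dictionary views, and a 30-day review window chosen for illustration.

```sql
-- Added example, not from the article. Assumes Oracle and SELECT access
-- to the DBA_* data dictionary views.

-- 1. Stored code created or changed inside the review window.
--    The 30-day window is an assumed value; set it to cover the period
--    since the last known-good baseline.
SELECT owner, object_name, object_type, created, last_ddl_time
FROM   dba_objects
WHERE  object_type IN ('PROCEDURE', 'FUNCTION', 'PACKAGE',
                       'PACKAGE BODY', 'TRIGGER')
AND    (created > SYSDATE - 30 OR last_ddl_time > SYSDATE - 30)
ORDER  BY last_ddl_time DESC;

-- 2. Triggers that execute automatically on database- or schema-level
--    events (startup, logon, DDL) rather than on a table.
--    TRIM guards against space-padded values in this column.
SELECT owner, trigger_name, triggering_event, status
FROM   dba_triggers
WHERE  TRIM(base_object_type) IN ('DATABASE', 'SCHEMA')
ORDER  BY owner, trigger_name;

-- 3. Accounts able to create stored code or triggers outside their own
--    schema. Client tools connecting with these accounts can plant
--    objects like those found by queries 1 and 2.
SELECT grantee, privilege, admin_option
FROM   dba_sys_privs
WHERE  privilege IN ('CREATE ANY PROCEDURE',
                     'CREATE ANY TRIGGER',
                     'ADMINISTER DATABASE TRIGGER')
ORDER  BY grantee, privilege;
```

Any row from queries 1 and 2 that does not match a recorded change, and any grantee in query 3 that is an ordinary application or workstation account, is worth investigating.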


In data security, Anhua Jinhe was a pioneer in China, proposing in 2017 a comprehensive technical support framework for data security underpinned by the concept of data security governance. Over the nine years since its establishment, Anhua Jinhe has developed this framework through continuous reflection on users’ data security risks and the distillation of practical data security protection cases. Its significance lies in the recognition that merely protecting data is not the ultimate goal; rather, data must be utilized securely and reasonably to maximize its value.


Traditional security protection is often based on zone isolation and the division of security domains. In contrast, data security governance is founded on data classification and grading, ensuring that data flows and is used in a reasonable and secure manner. Furthermore, while traditional security protection primarily targets external hackers and intruders, data security governance places greater emphasis on managing internal data users, ensuring they use data reasonably and in compliance with regulations, thereby creating value.


Security Defense Under the Big Data Architecture


Generally, after enterprise data is migrated to the cloud, it is divided into public and private segments. The Hadoop architecture is commonly adopted for data storage and sharing. Anhua Jinhe focuses on providing a comprehensive solution for secure data usage and sharing. For distributed computing platforms like Hadoop, Anhua Jinhe’s products have been appropriately adapted, ensuring that users’ data protection and usage experience remain consistent with that of traditional relational databases.


This covers security measures for data acquisition, data ingestion, and data development and sharing within the Hadoop framework. Only by effectively implementing these measures can the normal operation of the big data framework be ensured throughout the entire process of data development and operations and maintenance (O&M).


In addition, Anhua Jinhe offers data encryption solutions for data storage. During the data development process, it provides corresponding data masking products, enabling developers to work with masked data rather than directly accessing real data. This ensures that even in the event of a data breach, the exposed information is not actual sensitive data.

 

Integration of Blockchain Technology and Cloud Security Technology


After several generations of development, blockchain technology has become relatively mature, yet its application scenarios in the healthcare industry remain to be fully explored. As a cloud service provider focused on data security in the healthcare sector, Anhua Jinhe is also exploring how cloud security can be integrated with blockchain. In Yang Haifeng’s view, the key areas of convergence between the two technologies will primarily lie in data encryption, the trustworthiness of audit data, and data provenance.


Currently, the application of blockchain in the healthcare industry is at a relatively early stage. True integration of the two involves many upstream and downstream related technologies. Anhua Jinhe has already initiated forward-looking collaborations with several telecommunications operators, aiming to achieve corresponding breakthroughs in this field in the near future.