HC3 警告醫療機構遭受 Web 應用程序攻擊的風險 HC3 Warns of Risk of Web Application Attacks on Healthcare Organizations


近年來,Web 應用程序在醫療保健領域越來越受歡迎,並用於患者門戶、電子病歷系統、安排預約、訪問測試結果、患者監測、在線藥房、牙科 CAD 系統、庫存管理等。這些應用程序是通過標準的網絡瀏覽器訪問的,但是,與大多數網站相比,用戶需要對應用程序進行身份驗證。

根據 2022 年 Verizon 數據洩露調查報告,利用 Web 應用程序漏洞的攻擊一直在增加,Web 應用程序攻擊現在是排名第一的醫療保健攻擊媒介。

Web applications have grown in popularity in healthcare in recent years and are used for patient portals, electronic medical record systems, scheduling appointments, accessing test results, patient monitoring, online pharmacies, dental CAD systems, inventory management, and more. These applications are accessed through a standard web browser, however, in contrast to most websites, the user is required to authenticate to the application.

Attacks exploiting vulnerabilities in web applications have been increasing and web application attacks are now the number one healthcare attack vector, according to the 2022 Verizon Data Breach Investigations Report.

Source: HIPAA 期刊