A Book Review
I’m reading “Cyber War” by Richard A. Clarke. He served the Pentagon, the State Department, and the National Security Council under Presidents Reagan, Bush, Clinton and Bush. It’s sobering to learn that North Korea has already successfully pulled cyber-war tricks against a vulnerable US. But to learn that North Korea doesn’t have any Internet vulnerabilities is frightening.
China
And what about China – want to see sophistication? Clarke says that within the last year, Canadians discovered a highly sophisticated program they named “GhostNet.” It had infected over an estimated 1300 computers at several countries’ embassies around the world. Get this: The program had the capability to remotely turn on a computer’s camera and microphone without alerting the user and to send the information back to China. So how could such capabilities affect you and me?
GhostNet
GhostNet had been working for almost 2 years before it was discovered. About the same time, US Intelligence leaked news that Chinese hackers had penetrated the US power grid and left behind programs that can shut the grid down. Clarke suggests that the Chinese intended us to find their program as a deterrent to our national will to intervene if China should find it necessary to annex Taiwan or even the Spratly Islands in the South China Sea – where the reefs shelter some of the largest remaining stocks of fish in the world, in addition to undeveloped oil and gas reserves that rival Kuwait’s.
Gates Speaks
Clarke says that according to Defense Secretary Robert Gates, cyber attacks “could threaten the United States’ primary means to project its power and help its allies in the Pacific.” Clarke adds, “The problem is, however, that deterrence only works if the other side is listening. U.S. leaders may not have heard, or fully understood, what Beijing was trying to say. The U.S. has done little or nothing to fix the vulnerabilities in its power grid or in other civilian networks.”
Assessment
If they shut down our power grids, it will be chaos. Are we as a nation flying far too fast into the cloud?
What does this say about eMRs and eHRs, regional health information exchanges, cloud computing, and related health 2.0 initiatives and/or information technology? Sobering thoughts for the weekend.
Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com
Book Review on “Cyber War”
[Part 2]
In the post above, I described a book I’m reading called “Cyber War” (2010), by national security veteran Richard A. Clarke and Robert K. Knake.
In part 1, I reported that Clarke claims that the US is very vulnerable to government-supported North Korean and Chinese cyber-warriors. Later, he adds that some US Intelligence officials don’t think the Chinese are as big a threat as the Russians. One official told Clarke, “The Russians are definitely better, almost as good as we are.” Like America’s NSA, Russia’s FAPSI comes from a long tradition in covert electronic surveillance that dates back to World War II.
Cyber-warfare, like the Internet itself, levels the international playing field by empowering even the smallest of players who are willing to use aggression to increase their influence — at little or no risk. Former Director of National Intelligence, Admiral Mike McConnell is quoted: “The vast majority of the industrialized countries in the world today have cyber-attack capabilities.” It seems that everyone knows how to attack.
Clarke then describes a horrifying scenario of nation-wide devastation that can occur within 15 minutes when Cyber Warriors launch a coordinated attack by pre-positioned worms, trap doors and logic bombs. Intuitively, I’m skeptical about crashed airplanes, derailed locomotives and raging refinery fires within 15 minutes simply because I’m a veteran of those Internet dangers that never matured at the change of the millennium. But that’s not to say that I entirely discount Clarke’s vision of doom.
“In all the wars America has fought, no nation has ever done this kind of damage to our cities. A sophisticated cyber war attack by one of several nation-states could do that today, in fifteen minutes, without a single terrorist or soldier ever appearing in this country.”
How likely will cyber escalate to nuclear? In the Introduction, Clarke writes, “The force that prevented nuclear war, deterrence, does not work well in cyber war. The entire phenomenon of cyber war is shrouded in such government secrecy that it makes the Cold War look like a time of openness and transparency.” Clarke’s warnings weigh in heavily ominous at the end of Chapter Two: “In cyber war, we may never even know what hit us. Indeed, it may give little solace to Americans shivering without power to know that the United States may be about to retaliate in kind.”
Then, he sets the scenery for a vignette depicting military command in the War Room reacting to a cyber attack:
“While you were on the line with the President, sir, Cyber Command called from Fort Meade. They think the attack came from Russia and they are ready to turn out the lights in Moscow, sir. Or maybe it was China, so they are ready to hit Beijing, if you want to do that. Sir?”
How well can mutually assured destruction work without deterrence? Perhaps, just as designed.
Darrell K. Pruitt; DDS
More on “Cyber War” – [it gets personal]
In 1976, a book on evolution called “The Selfish Gene” by British scientist Richard Dawkins became widely popular. When he coined the term “selfish gene,” it wasn’t an anthropomorphic faux pas such as one might expect to hear from an adoring pet owner. Rather than assigning human attributes to a sub-human molecule, “selfish gene” is Dawkins’ way of describing a theory of gene-centered evolution in which either nature or humans selectively eliminate unproductive characteristics of a population by targeting their phenotypical expression in individuals.
In the wild, selfish predators turn slow running phenotypes into nourishment. When a herdsman notices genes whose expressions don’t contribute to the productive domestication of the population, they are selectively terminated by selfish cultivation.
Selfish meme
Dawkins is also credited with coining the term “meme” to designate a unit of human cultural expression – including national, ideological and religious beliefs. Theorists argue that memes evolve by selection in a manner analogous to biological evolution. I suggest that memes are also subject to elimination by forces of nature or perhaps future herdsmen empowered with strategically important information about a population’s genotypes – that is, the individuals’ DNA codes.
Dawkins’ words, which I last read 30 years ago, repeatedly came to mind while recently reading “Cyber War,” which was published only months ago. Author Richard A. Clarke is a respected expert on national security and has served four US Presidents. He brings world-class credibility when he describes our nation’s proven inability to protect even the most secure US government entities from hackers – many of whom are state-supported by potential enemies like North Korea, China and Russia.
The really bad news hits closer to home when Clarke stresses that private US businesses such as electrical power grid operators, air traffic controllers and even Internet service providers (ISP) are hardly protected at all from those who would harm US citizens. So what are the chances that Americans’ electronic health records (eHR) are any better protected? Docs, when do you think was the last time your competitors had their HIPAA Security Officers change passwords for all computers in their practices? Need I say more?
The rising cost of medical care and the increasing number of medical identity thefts in the US clearly prove there is a growing illegal market for patients’ digital medical records driven by profit. If Clarke is to be believed, we must assume that eHR data banks sitting in providers’ offices – often not even protected by effective passwords as you recall – have already been infiltrated by hackers. Even before DNA codes are included in Americans’ eHRs to enable “personalized” healthcare, as President Bush called it almost 3 years ago, imagine the strategic advantage our enemies already have with uncontested access to virtually all healthcare data.
Now do the unthinkable and imagine how your great grandchildren could be hurt if our enemies know every American’s DNA code. Who knows what kinds of horrible biological “smart” weapons humans will employ to subjugate other humans decades from now. I fear that it is the reckless healthcare information technology (HIT) stakeholders inside and outside government who are unwittingly empowering those who would harm my grandchildren with today’s stolen genetic information that can never again be made private. Unlike social security numbers, Americans’ DNA codes are strategic for generations.
Perhaps I’m the only person bothered enough to express this concern, but I fear that right now there are genetics experts preparing the battlefield by documenting vulnerabilities, while waiting on tools that can stealthily and selectively cultivate the population according to productive phenotypes, disruptive phenotypes and favored families’ selfish genes.
What did you want, a nice bedtime story?
D. Kellus Pruitt; DDS
NASDAQ forum site hacked
Attention all physician investors.
http://www.nbcnews.com/business/nasdaq-forum-site-hacked-passwords-compromised-6C10679975
Passwords compromised today.
Giles
I’m a party crasher!
Yesterday, cyber-security consultant Mansur Hasib posted a commentary on InformationWeek.com titled, “When Patients Fear EHR.”
http://www.informationweek.com/healthcare/electronic-health-records/when-patients-fear-ehr/a/d-id/1297519
Hasib writes, “When patients believe paper medical records are safer and more private than electronic ones, their health can suffer. Many members of the public mistakenly believe electronic health records (EHRs) are less secure than paper files. Magnified by misinformation and political distortion of facts, an unnecessary fear has taken root in the minds of many consumers — often with serious consequences.”
Naturally, I challenged this lame misinformation in a running battle with Hasib and other EHR stakeholders, whose best defense for tolerating abysmally poor security is to point out that storing paper records simply costs too much money.
Easy pickings. I don’t think this group follows the news much. Here is my last post of the day:
EHR news this week:
July 25 – “Confidential records targeted by thieves”
http://www.westsussextoday.co.uk/news/county-news/latest-news/confidential-records-targeted-by-thieves-1-6195180
July 28 – “Haley Chiropractic of Tacoma notifies 6,000 patients after office burglary.”
http://www.phiprivacy.net/haley-chiropractic-of-tacoma-notifies-6000-patients-after-office-burglary/
July 28 – “When departing employees take your PHI with them….”
http://www.phiprivacy.net/when-departing-employees-take-your-phi-with-them/
July 28 – “Study: Data Breaches Pose a Greater Risk”
http://www.foxbusiness.com/personal-finance/2014/07/23/study-data-breaches-pose-greater-risk/
Criticizing paper records for the cost of storage in an effort to increase the perceived value of EHRs is transparently disingenuous. In light of the epidemic level of data breaches from digital records – that is only getting worse – the storage rationalization makes no more sense than promoting EHRs because of doctors’ careless handwriting, or as protection from national disasters.
In my opinion, clueless, vulnerable Americans would be better served if EHR advocates would take ownership of their ever-increasing cost and safety problems rather than serving red herring.
———————————————
Nobody seems willing to respond. Imagine that!
D. Kellus Pruitt DDS
SEC Examiners Zeroing in on Cybersecurity
[Maybe?]
The SEC has yet to produce or even propose any binding rules regarding cyber-security, but officials have been sending strong signals that they expect firms of all sizes to put in place policies and procedures to protect sensitive information.
http://www.financial-planning.com/30-days-30-ways/sec-examiners-zeroing-in-on-advisors-cybersecurity-2690777-1.html?utm_campaign=30%20days%2030%20ways-oct%2015%202014&utm_medium=email&utm_source=newsletter&ET=financialplanning%3Ae3198714%3A86235a%3A&st=email
Donald
The Stimulus Act Started a Cyber Crime Wave of Medical Data Theft
Six years after the American Recovery and Reinvestment Act of 2009 opened the floodgates to digitized medical records, so-called “protected health information” is now the most precious commodity in pilfered consumer data—fetching up to 10 times the price of a stolen credit card number on the “dark Web.” A report from International Data Corporation this month forecasts that 1 in 3 consumers will have their health data compromised next year due to weak cybersecurity.
Starting this year, Medicare-eligible providers who aren’t “meaningful users” of electronic medical records will begin facing penalties. Without a corresponding push to compel investments in security, however, the majority of medical providers incorporated EHR into legacy systems that lacked the technology required to protect it. This created an open pathway for thieves who once would have faced a locked door.
Source: Christopher Moraff, The Daily Beast [12/21/15]