Blood bank hack 'risk'

[InfoSec News <isn () c4i org>]

http://australianit.news.com.au/articles/0,7204,7206125%5E15306%5E%5Enbv%5E,00.html

Ron Hicks
SEPTEMBER 09, 2003  
 
AUSTRALIA'S national blood management system is vulnerable to hacker
attacks that could cause chaos and potentially endanger lives,
according to a Red Cross IT insider.

The new IT system for Australia's first national blood service is also
tenfold over budget and four years behind schedule, at a time when the
Red Cross has made an urgent appeal for blood because supplies have
dropped dangerously low.

But the greatest concern is the security risk caused by the fact that
programmers who do the updates and corrections for Australia's blood
management system are based overseas, including in Macedonia.

This is because the contract for the new National Blood Authority's
blood management service -- run through the Australian Red Cross Blood
Service -- was awarded to MAK-SYSTEM, which is registered in France.

MAK president and chief executive Simon Kiskovski is originally from
Eastern Europe and many programmers for the Australian system are in
Macedonia, which has cheaper IT wages than most Western countries.

Programmers have encrypted super-user accounts, which mean IT workers
in charge of the program here cannot always view the code for the
blood management system, called Progesa.

"The fact is that they will not let us see what is going on when they
load patches (to correct a problem or upgrade the system)," said a
concerned member of the Red Cross IT team.

"My worry is that the system could be hacked and something could be
slipped into the code and we would never know.

"Many of the programs are written in the Visual Basic language, which
goes back some time, so we are not talking about (needing) phenomenal
(hacking) skills here.

"For instance, a Trojan horse could be slipped into the code. It would
be simple to slip in an algorithm that said, for instance, that every
prime number blood donation for a multiple of five was HIV-positive.

"Our relationship with the AIDS community is very good, but you would
not pick up those false positives immediately, and you would have to
check each false positive manually. It would cause chaos."

It also could be coded to give false positives for other potentially
fatal blood diseases or, false negatives for a life-threatening
blood-borne disease.

"If it happened when high volumes of blood were needed, it would slow
down the vital blood supply," he said.

The reality is that, apart from exceptional circumstances, there is
often only a two-to-three day supply of blood readily available.

In fact, this week the Red Cross had to make a special public appeal
because blood reserves were so low.

Some of these vital blood supplies could be lost during a hack attack.

Some blood products can be stored for long periods, but other crucial
blood products, such a platelets, can only be stored for about five
days, and other specialised products only last hours.

The IT expert said the chances of this type of hack attack may be low,
but "the world has changed so much over the past few years".

"If September 11 and Bali had not happened -- and now we have Korea --
I probably would not be so concerned, but this project is bleeding the
organisation and it is a security risk."

A spokesman for MAK SYSTEM in France, Stephane Sajot, said the system
was "very secure and had not been affected by the latest virus
scares".

He said the company's super-user accounts did not allow access to the
confidential donor and patient databases. And he said any patches to
update the system were provided to the ARCBS to implement.

"We have no privilege to look at the production side. If they deny us
access to an area, we do not go in," he said.

Australia's first national blood-management system has been plagued
with problems.

It is about four years behind schedule and the cost has blown out from
between $3 to $4 million to $38.9 million. It still it has not gone
national and those closely associated with it saying it will not do so
in its present form.

The move towards a national blood-management system began about five
years ago after the federal Government called an inquiry after the
death of a young girl after a blood transfusion.

The inquiry, chaired by former governor-general Sir Ninian Stephen,
recommended the loosely federated Red Cross associations come under a
federally funded National Blood Authority, which finally came into
being on July 1.

The inquiry concluded there should be standardisation of all
processes, including donor recruitment and administration, collection,
testing and processing, and the establishment of a national donor
database.

The first step was to introduce an IT system to run the system.

The ARC Blood Service came into existence in the mid-1990s and one of
its earliest tasks was to scour the world for an appropriate
blood-management system.

Initially, the ARCBS decided on the US Safe Track system, but
negotiations broke down and it was abandoned. It then decided on the
Progesa system, owned by the MAK-SYSTEM company.

But the new blood-management system ran into trouble in Australia
virtually from the start when existing servers were incapable of
running the system and three $2 million servers had to be bought.

This immediately blew the budget of the project, which the ARC had
promised the federal Government would cost $3 to $4 million and go
live in 1999.

The project's total cost is now officially estimated at $38.9 million
and a trial of the system has only just begun -- in July -- in
Adelaide, although it is supposed to go live nationally later in the
year.

The insider said, in its present form, Progesa was just not capable of
running our national blood-management system. It was supposed to be
based on an Oracle 8 relational database management system, but much
of the program was written in Visual Basic language.

The insider said: "It was meant to have data centres in Adelaide and
Sydney, a failover server in Sydney and real-time replication between
Adelaide and Sydney, so that if it went out in Adelaide, magically the
whole system would flip over to Sydney and users would not know the
difference. But it's not possible."

But Mr Sajot, of MAK, said the delays had not been of MAK's making.

He said: "This kind of project is not only an IT implementation. Many
of the different business practices of the Red Cross have been
renovated, which ... will help in the long term. Most of the problems
that have extended the time line are not related to the IT system
itself, but the practices of the ARCBS. Our costs have been according
to our contract."

A spokesman for the federal Health Department confirmed the $38.9
million cost of the project but referred comments on the matter to the
ARCBS.

An ARCBS spokesman was yesterday unable to give technical details
about security, but said: "The (federal Health Department's)  
Therapeutic Goods Administration has been involved and I am sure they
would not have allowed the trial to go ahead unless they were happy."



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.