One of Finland’s private psychiatric companies has been hacked and patient data has been stolen. The criminals who are responsible, are demanding over €400 000 in bitcoins or they will disclose names and other details about patients – 100 for each day payment is not made.
This is just another example of how networks just cannot be trusted. When will governments wake up to the fact that we cannot continue to put sensitive information on to computers and expect that the security systems are so strong that nobody can break into them?
There are five matters of great concern here and it should not be impossible for governments to react if they really wanted to:
- In the first place huge sets of patient information should not be stored and communicated over the Internet, unless it is encrypted with the toughest codes, and the codes are kept secret in a physical vault.At the moment it appears that there is no such thing as the “toughest code” because as soon as one is created there are a dozen hackers trying to crack that code!
Every Finn has access to their health records through a system called “OmaKanta”. You have to sign in using your bank identifier or one from the telephone operator. Once opened anyone looking at your screen will be able to steal the data and that is not too hard because few people have the best security on their laptop or on their phone. It is not that risky because a hacker would have to wait patiently a month or two for the user to open the account… and then he would only have stolen one patient’s data…
- It appears that the government has not demanded that the private healthcare providers have the best possible security in place. That is really negligent and this event could have the makings of an interesting legal case of criminal negligence against the responsible civil servant or minister and the private company in question.
Strong sanctions are needed to make sure that this does not happen again. - It appears that our government is quite happy to see bitcoin being used. This is nothing more than a method of payment for criminals and people who have stuff to conceal. There is absolutely no need in this world for this currency to exist. The Financial Supervision and the Police are responsible for our financial security. It could be said that they are not doing their duty by allowing bitcoin to operate in this country. This is something that needs to be stopped and if that is impossible then back doors are necessary to trace all payments.
- It appears that our government is quite happy to see Tor Networks being used. It is said that they are used to guarantee free speech because users are anonymous, but that benefit needs to be balanced against the their use by criminals. In countries where free speech is stopped the governments are probably able to break into these networks and listen in… In any case free speech can be managed without Tor Networks, like letters and encrypted emails…These networks are probably bigger hotbeds for criminals to communicate. The profits made from crime area big incentive for criminal users to dominate relative to those who use them for free speech. The Financial Supervision and the Police are responsible for the security, and Tor Networks are something that needs to be stopped. Countries like Finland have no need to use them inside or outside the country. You will hear the same arguments about guns.
Back doors are necessary to trace all communications and their IP addresses. - The patient data is in Finnish, so we can assume that the criminals are Finns. They need to be locked up. Is it that hard to trace these people and close down their accounts for ever?
It is an incredible myth to believe that the Internet is the greatest invention since electricity or printing. The system is incredibly insecure – criminals appear to be able to trick ordinary folk and central banks to part with their money quite easily. We all know that state actors like Russia, China and North Korea are dangerous criminals on these networks, but so are ordinary criminals in almost every country, including, it appears, in Finland.