[ISN] Blood bank hack 'risk'

From: InfoSec News (isnat_private)
Date: Tue Sep 09 2003 - 01:13:57 PDT

  • Next message: InfoSec News: "[ISN] Hackers jump through holes in Microsoft patch"

    Ron Hicks
    SEPTEMBER 09, 2003  
    AUSTRALIA'S national blood management system is vulnerable to hacker
    attacks that could cause chaos and potentially endanger lives,
    according to a Red Cross IT insider.
    The new IT system for Australia's first national blood service is also
    tenfold over budget and four years behind schedule, at a time when the
    Red Cross has made an urgent appeal for blood because supplies have
    dropped dangerously low.
    But the greatest concern is the security risk caused by the fact that
    programmers who do the updates and corrections for Australia's blood
    management system are based overseas, including in Macedonia.
    This is because the contract for the new National Blood Authority's
    blood management service -- run through the Australian Red Cross Blood
    Service -- was awarded to MAK-SYSTEM, which is registered in France.
    MAK president and chief executive Simon Kiskovski is originally from
    Eastern Europe and many programmers for the Australian system are in
    Macedonia, which has cheaper IT wages than most Western countries.
    Programmers have encrypted super-user accounts, which mean IT workers
    in charge of the program here cannot always view the code for the
    blood management system, called Progesa.
    "The fact is that they will not let us see what is going on when they
    load patches (to correct a problem or upgrade the system)," said a
    concerned member of the Red Cross IT team.
    "My worry is that the system could be hacked and something could be
    slipped into the code and we would never know.
    "Many of the programs are written in the Visual Basic language, which
    goes back some time, so we are not talking about (needing) phenomenal
    (hacking) skills here.
    "For instance, a Trojan horse could be slipped into the code. It would
    be simple to slip in an algorithm that said, for instance, that every
    prime number blood donation for a multiple of five was HIV-positive.
    "Our relationship with the AIDS community is very good, but you would
    not pick up those false positives immediately, and you would have to
    check each false positive manually. It would cause chaos."
    It also could be coded to give false positives for other potentially
    fatal blood diseases or, false negatives for a life-threatening
    blood-borne disease.
    "If it happened when high volumes of blood were needed, it would slow
    down the vital blood supply," he said.
    The reality is that, apart from exceptional circumstances, there is
    often only a two-to-three day supply of blood readily available.
    In fact, this week the Red Cross had to make a special public appeal
    because blood reserves were so low.
    Some of these vital blood supplies could be lost during a hack attack.
    Some blood products can be stored for long periods, but other crucial
    blood products, such a platelets, can only be stored for about five
    days, and other specialised products only last hours.
    The IT expert said the chances of this type of hack attack may be low,
    but "the world has changed so much over the past few years".
    "If September 11 and Bali had not happened -- and now we have Korea --
    I probably would not be so concerned, but this project is bleeding the
    organisation and it is a security risk."
    A spokesman for MAK SYSTEM in France, Stephane Sajot, said the system
    was "very secure and had not been affected by the latest virus
    He said the company's super-user accounts did not allow access to the
    confidential donor and patient databases. And he said any patches to
    update the system were provided to the ARCBS to implement.
    "We have no privilege to look at the production side. If they deny us
    access to an area, we do not go in," he said.
    Australia's first national blood-management system has been plagued
    with problems.
    It is about four years behind schedule and the cost has blown out from
    between $3 to $4 million to $38.9 million. It still it has not gone
    national and those closely associated with it saying it will not do so
    in its present form.
    The move towards a national blood-management system began about five
    years ago after the federal Government called an inquiry after the
    death of a young girl after a blood transfusion.
    The inquiry, chaired by former governor-general Sir Ninian Stephen,
    recommended the loosely federated Red Cross associations come under a
    federally funded National Blood Authority, which finally came into
    being on July 1.
    The inquiry concluded there should be standardisation of all
    processes, including donor recruitment and administration, collection,
    testing and processing, and the establishment of a national donor
    The first step was to introduce an IT system to run the system.
    The ARC Blood Service came into existence in the mid-1990s and one of
    its earliest tasks was to scour the world for an appropriate
    blood-management system.
    Initially, the ARCBS decided on the US Safe Track system, but
    negotiations broke down and it was abandoned. It then decided on the
    Progesa system, owned by the MAK-SYSTEM company.
    But the new blood-management system ran into trouble in Australia
    virtually from the start when existing servers were incapable of
    running the system and three $2 million servers had to be bought.
    This immediately blew the budget of the project, which the ARC had
    promised the federal Government would cost $3 to $4 million and go
    live in 1999.
    The project's total cost is now officially estimated at $38.9 million
    and a trial of the system has only just begun -- in July -- in
    Adelaide, although it is supposed to go live nationally later in the
    The insider said, in its present form, Progesa was just not capable of
    running our national blood-management system. It was supposed to be
    based on an Oracle 8 relational database management system, but much
    of the program was written in Visual Basic language.
    The insider said: "It was meant to have data centres in Adelaide and
    Sydney, a failover server in Sydney and real-time replication between
    Adelaide and Sydney, so that if it went out in Adelaide, magically the
    whole system would flip over to Sydney and users would not know the
    difference. But it's not possible."
    But Mr Sajot, of MAK, said the delays had not been of MAK's making.
    He said: "This kind of project is not only an IT implementation. Many
    of the different business practices of the Red Cross have been
    renovated, which ... will help in the long term. Most of the problems
    that have extended the time line are not related to the IT system
    itself, but the practices of the ARCBS. Our costs have been according
    to our contract."
    A spokesman for the federal Health Department confirmed the $38.9
    million cost of the project but referred comments on the matter to the
    An ARCBS spokesman was yesterday unable to give technical details
    about security, but said: "The (federal Health Department's)  
    Therapeutic Goods Administration has been involved and I am sure they
    would not have allowed the trial to go ahead unless they were happy."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Sep 09 2003 - 03:54:54 PDT