Hello again! I have once again found an open database with medical data for you. Let me remind you that there were recently three articles on this topic:
This time, an Elasticsearch server with logs from the medical IT system of the laboratory network "Center for Molecular Diagnostics" (CMD, www.cmd-online.ru) was publicly accessible.
Disclaimer: all information below is published solely for educational purposes. The author did not gain access to the personal data of third parties or companies. The information was taken either from open sources or was provided to the author by anonymous well-wishers.
The server was found on the morning of April 1, and it did not seem like a joke to me at all. Notice of the problem was sent to CMD at about 10 am (Moscow time), and at about 15:00 the database became inaccessible.
According to the Shodan search engine, this server first became publicly accessible on 09.03.2019. About that
Very sensitive information could be obtained from the logs, including patients' full names, gender and dates of birth, doctors' full names, the cost of tests, test data, files with screening results and much more.
Example of a log entry with a patient's test results:
"<Message FromSystem="CMDLis" ToSystem="Any" Date="2019-02-26T14:40:23.773"><Patient ID="9663150" Code="A18196930" Family="XXX" Name="XXX" Patronymic="XXX" BornDate="XXX-03-29" SexType="F"><Document>Паспорт</Document><Order ID="11616539" Number="DWW9867570" State="normal" Date="2017-11-29T12:58:26.933" Department="1513" DepartmentAltey="13232" DepartmentName="Π‘ΠΌΠ°ΠΉΠ» ΠΠ»ΠΈΡ" FullPrice="1404.0000" Price="1404.0000" Debt="1404.0000" NaprOrdered="2" NaprCompleted="2" ReadyDate="2017-12-01T07:30:01" FinishDate="2017-11-29T20:39:52.870" Registrator="A759" Doctor="A75619" DoctorFamily="XXX" DoctorName="XXX" DoctorPatronymic="XXX"><OrderInfo Name="TEMP_CODE">0423BF97FA5E</OrderInfo><OrderInfo Name="Беременность">-1</OrderInfo><OrderInfo Name="Пин">DWW98675708386841791</OrderInfo><OrderInfo Name="СкидкаНаЗаказ">0</OrderInfo><OrderInfo Name="Π‘ΠΠΠ΄Π΅ΠΉΡΡΠ²ΠΈΡΠ΅Π»Π΅Π½ΠΠΎ">18.03.2019</OrderInfo><OrderInfo Name="Π‘ΠΠΡΠ΅ΡΡΠΈΡΠΈΠΊΠ°Ρ">Π ΠΠ‘Π‘ RU.13Π‘Π03.00601</OrderInfo><Serv Link="1" PathologyServ="1" Code="110101" Name="Общий анализ мочи (Urine test) с микроскопией осадка" Priority="NORMAL" FullPrice="98.0000" Price="98.0000" ReadyDate="2017-11-30T07:30:01" FinishDate="2017-11-29T20:14:22.160" State="normal"/><Serv Link="2" Code="300024" Name="Пренатальный скрининг II триместра беременности, расчет риска хромосомных аномалий плода, программа LifeCycle (DELFIA)" Priority="NORMAL" FullPrice="1306.0000" Price="1306.0000" ReadyDate="2017-12-01T07:30:01" FinishDate="2017-11-29T20:39:52.870" State="normal"/><Probe ID="64213791" Number="3716965325" Date="2017-11-29T00:00:00" OuterNumber="66477805" Barcode="3716965325" Biomater="66" BiomaterName="Кровь (сыворотка)" Type="physical"><Probe ID="64213796" Number="P80V0018" Date="2017-11-29T12:58:26.933" Biomater="66" BiomaterName="Кровь (сыворотка)" WorkList="80" WorkListName="Пренатальный скрининг" Type="virtual"><Param State="Valid" User="A872" UserFIO="XXX" UserStaff="Врач ΠΠΠ" Code="3005" guid="7BA0745FD502A80C73C2CAD341610598" Name="Пренатальный скрининг II триместра беременности, расчет риска хромосомных аномалий плода, программа LifeCycle (DELFIA)" Group="ПРЕНАТАЛЬНЫЕ СКРИНИНГИ" GroupCode="80" GroupSort="0" Page="1" Sort="2"><LinkServ IsOptional="0">2</LinkServ><Result Name="Пренатальный скрининг II триместра беременности, расчет риска хромосомных аномалий плода, программа LifeCycle (DELFIA)" Value="Готов (см.приложение)" User="A872" UserFIO="XXX" Date="2017-11-29T20:39:03.370" isVisible="1" HidePathology="0" IsNew="0"><File Name="Пренатальный скрининг 2 триместр_page1.png" Type="image" Format="png" Title="3716965325_prenetal2_page1" Description="Пренатальный скрининг 2 триместр_page1" Sort="1">iVBORw0KGgoAAAANSUhEUgAABfoAAAfuCAIAAAArOR8rAAD//0lEQVR4Xuy9P7BtQ7u+/e3oECF6iRAhQoQI0SZCtIkQIdpEiBCxI0SIECFiV50qRKg6VYgQIUKEiDfiRL7rnPtXz+nqHnPMsfb6s+cc61rBqjl79Oh++uoe/eceT/c8888//
I have replaced all sensitive data with "X". In reality, all of it remained open.
From such a log entry it is easy (by decoding the Base64) to obtain the PNG file with the screening result, already in an easily readable form:
The total size of the logs exceeded 400 MB, and in total they contained more than a million entries. Obviously, not every record corresponds to a unique patient.
Official response from CMD:
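As an added example (not code from the original post or from CMD's systems), a pre-ingest scrubber for messages in the shape of the entry above: it redacts the personal-data attributes and strips any base64-embedded file it can identify by magic bytes, so that an error log can be shipped to Elasticsearch without carrying patient records. The element and attribute names follow the published sample; the PII mapping and the sample message are assumptions constructed here.

```python
import base64
import xml.etree.ElementTree as ET

# Personal-data attributes per element in the CMDLis message shape shown above
# (assumed from the sample, not a CMD schema). "Name" is PII on <Patient> only.
PII = {
    "Patient": ("Family", "Name", "Patronymic", "BornDate"),
    "Order": ("DoctorFamily", "DoctorName", "DoctorPatronymic"),
    "Param": ("UserFIO",),
    "Result": ("UserFIO",),
}
# Magic bytes of binaries an embedded <File> is likely to carry (PNG in the leak).
MAGIC = {b"\x89PNG\r\n\x1a\n": "png", b"%PDF": "pdf", b"\xff\xd8\xff": "jpeg"}
# Constructed sample message in the shape of the leaked entry (all values fake).
SAMPLE = (
    '<Message FromSystem="CMDLis" ToSystem="Any" Date="2019-02-26T14:40:23">'
    '<Patient ID="1" Code="A000" Family="Ivanova" Name="Anna" Patronymic="P" '
    'BornDate="1990-03-29" SexType="F"><Order ID="2" Number="DWW000" '
    'Doctor="A1" DoctorFamily="Petrov" DoctorName="Ivan" DoctorPatronymic="S">'
    '<Probe ID="3"><Param User="A872" UserFIO="Sidorova"><Result Value="ok">'
    '<File Name="screen_page1.png" Type="image" Format="png">'
    + base64.b64encode(b"\x89PNG\r\n\x1a\n" + b"\x00" * 32).decode()
    + "</File></Result></Param></Probe></Order></Patient></Message>"
)

def sniff_file(text):
    # Return the file type if text is base64 of a known binary, else None.
    try:
        blob = base64.b64decode(text.strip(), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    for magic, kind in MAGIC.items():
        if blob.startswith(magic):
            return kind
    return None

def scrub(message):
    # Redact PII attributes and drop embedded files; return (clean_xml, findings).
    root = ET.fromstring(message)
    findings = []
    for node in root.iter():
        for attr in PII.get(node.tag, ()):
            if node.attrib.get(attr):
                findings.append(f"{node.tag}@{attr}")
                node.attrib[attr] = "XXX"
        if node.tag == "File" and node.text and sniff_file(node.text):
            findings.append(f"File:{sniff_file(node.text)}")
            node.text = "[embedded file removed before logging]"
    return ET.tostring(root, encoding="unicode"), findings
```

The findings list doubles as a detection signal: a non-empty list on a message that is about to be written to a technical log means a confidential record is leaking into the wrong store.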
We would like to thank you for promptly sending, on 01.04.2019, information about the presence of a vulnerability in the Elasticsearch logging and error storage database.
Based on this information, our employees, together with the relevant specialists, restricted access to this database. The error in transferring confidential information to the technical database has been corrected.
During the analysis of the incident, it was established that the database with error logs appeared in the public domain for reasons related to the human factor. Access to this data was closed immediately on 01.04.2019.
Currently, internal and external specialists are taking measures to strengthen the audit of the IT infrastructure for data protection.
Our organization has developed special regulations for working with personal data and a system of personnel responsibility levels.
The software infrastructure currently uses an Elasticsearch database to store errors. To improve the reliability of a number of systems, the corresponding server will be moved to our partner's data center, into a certified software and hardware environment.
Thank you for the timely information provided.
News about information leaks and insiders can always be found on my Telegram channel "
Source: www.habr.com