September 21, 2011

HIPAA Hacked: ALL YOUR MEDICAL RECORDS ARE BELONG TO US

The origin of ALL YOUR (insert asset here) ARE BELONG TO US#sslsecurityhack SSL/TLS, the encryption system that has been keeping online credit card transactions and HIPAA-sensitive communications safe for over a decade, has broken down. As shown by researchers at a recent conference, a simple tool now gives hackers access to your PayPal transactions and much more. Gonna be fixed? Possibly not for many months, even years, since any change to the SSL/TLS protocols causes ecommerce to break for any number of sites, depending on the server or browser involved in the transaction. The hack is truly a killer app.

Just google SSL/TLS HIPAA and you'll find hundreds of applications that use Secure Sockets Layer/Transport Layer Security technology to secure electronic medical records transactions. (Here's an ironic example of the misinformation out there, labeled "Completely Secure Collection of Web Form Data using SSL".)

An article in The Register reports that a couple of researchers announced a demo of their tool, called BEAST (Browser Exploit Against SSL/TLS), at a Buenos Aires security conference last week. BEAST performs a "plaintext-recovery" attack, exploiting a (previously theoretical, but known) weakness in TLS. During encryption, the TLS protocol scrambles each subsequent block of data based on the previous encrypted block. It had long been theorized that an attack could manipulate the process to make educated guesses about the contents of the plaintext blocks. If a guess is correct, the block cipher will get the same hash for a new block as it used for the previous one, resulting in identical cipher-text. Security just goes POOF.

At the moment, BEAST requires a little under two seconds to decrypt each byte in an encrypted cookie, used by a web browser to secure an online transaction session. Doing the math, a 1,000-byte cookie would take maybe half a minute, but researchers Thai Duong and Juliano Rizzo have now announced that they've tweaked the process down to about ten seconds. That's plenty quick to grab whatever users are sending, decypher it, and, well, steal it.

So, what are browser makers doing to plug this new hole? One word: Nothing. What's the hold up? Well, although this "theoretical" hack has been understood for years, a secure transaction involves just too many parties to get it all straightened out without knocking out millions -- perhaps billions -- of transactions for perhaps an extended period of time. For instance, the Firefox and Chrome browsers (according to w3schools.com, Firefox gets 40.6% of traffic, while Internet explorer gets just 22.4%, and Google Chrome gets 30.3% as of August, 2011) use the open source Network Security Package to implement HTTPS. But there are other security packages out there, and IE uses one of them. Any change would require simultaneous change to all packages. And that's not the half of it; the servers use multiple SSL implementation platforms, such as OpenSSL, and all of those would have to change at the same time. The offending protocol, TLS 1.0, has been available in an upgraded version (1.1 and 1.2) since 2006, but getting all the ducks lined up just isn't happening.  While IE 8 and up include support for TLS 1.1 and 1.2, which do not appear to have the vulnerability, it is not the default, and still relies on servers to accept the protocols without falling back to 1.0.

“The problem is people will not improve things unless you give them a good reason, and by a good reason I mean an exploit... It's terrible, isn't it?” said an analyst with the security firm Qualys.

There appear to be no reliable estimates of the percentage of HIPAA electronic transactions that are secured using SSL with TLS 1.0, but considering that, in the absence of a broadly implemented general browser-server solution, any TLS v1.2 implementations would require proprietary code at both the server and client sides, and transactions running under the hackable version would likely be the overwhelming majority. As of early 2011, Microsoft's .Net framework did not support the updated TLS protocols, suggesting that any EMR, EHR, eligibility and billing applications developed at that time may not support them either. Time to call your vendor?
Check Comments below for updates...

    2 comments:

    1. UPDATE: The BEAST hacking tool requires javascript to be enabled in the browser in order to permit its initial code injection. A possible workaround in some scenarios might be to disable javascript either generally or for HTTPS sessions particularly. Of course, this supposes that javascript is not required for operation of the php, asp, .net or form processing in the browser. Also important to note that no actual attack using this vulnerability has as yet been reported, and SSL/TLS remains the standard for browser-based security.

      ReplyDelete
    2. UPDATE CONTINUED: Playing with a workaround, a prudent temporary diligence is be to try disabling javascript. Different browsers do this differently. http://bit.ly/reophy

      Even some of the most sophisticated web-based software, including eligibility and billing systems, requires javascript for proper operation. This workaround will require case-by-case testing by each vendor. VENDOR HINT: Build an alternative HTML Forms page that does not require javascript, and perhaps go so far as to popup a warning to disable javascript before proceeding, with per-browser instructions. At minimum, a lot of us will be updating our Terms of Service and disclaimers this week. ;)

      ReplyDelete