A Systematic Literature Review on Cybersecurity Threats to Healthcare Data and Mitigation Strategies
Khanyisile Vilakazi,
Funmi Adebesin
Abstract:The incidence of cyberattacks on healthcare institutions has seen a steady increase over the years, with a massive increase of 42% in 2020. More specifically, INTERPOL reported a substantial increase in ransomware attacks on healthcare institutions at the height of the Covid-19 pandemic. This increase can be attributed to the rise in the adoption of digital technologies, such as the Medical Internet of Things (MIoT), to support healthcare services. The sensitive nature of healthcare data and the volume of data… Show more
“…Sardi et al [38] literature review strengthens the themes raised by the previous two literature reviews [34,35] regarding the growing cyber-risk in healthcare. Their analysis identified four key themes: human actions, system failures, internal process breakdowns, and external events.…”
Section: Literature Surveymentioning
confidence: 60%
“…Vilakazi and Adebesin [34] conducted a systematic literature review to explore mitigation strategies for cybersecurity threats targeting healthcare data. The review identified several critical vulnerabilities in healthcare cybersecurity.…”
Section: Literature Surveymentioning
confidence: 99%
“…While Aldossri and Rahman [35] identified similar cybersecurity challenges in healthcare as Vilakazi and Adebesin [34], their research identified several key areas of concern in healthcare cybersecurity: human factors, technological vulnerabilities, data security and privacy, insider threats, and external attacks. The studies reviewed highlighted the critical need for staff training and awareness programs.…”
The Australian healthcare sector is a complex mix of government departments, associations, providers, professionals, and consumers. Cybersecurity attacks, which have recently increased, challenge the sector in many ways; however, the best approaches for the sector to manage the threat are unclear. This study will report on a semi-structured focus group conducted with five representatives from the Australian healthcare and computer security sectors. An analysis of this focus group transcript yielded four themes: 1) the challenge of securing the Australian healthcare landscape; 2) the financial challenges of cybersecurity in healthcare; 3) balancing privacy and transparency; 4) education and regulation. The results indicate the need for sector-specific tools to empower the healthcare sector to mitigate cybersecurity threats, most notably using a self-evaluation tool so stakeholders can proactively prepare for incidents. Despite the vast amount of research into cybersecurity, little has been conducted on proactive cybersecurity approaches where security weaknesses are identified weaknesses before they occur.
“…Sardi et al [38] literature review strengthens the themes raised by the previous two literature reviews [34,35] regarding the growing cyber-risk in healthcare. Their analysis identified four key themes: human actions, system failures, internal process breakdowns, and external events.…”
Section: Literature Surveymentioning
confidence: 60%
“…Vilakazi and Adebesin [34] conducted a systematic literature review to explore mitigation strategies for cybersecurity threats targeting healthcare data. The review identified several critical vulnerabilities in healthcare cybersecurity.…”
Section: Literature Surveymentioning
confidence: 99%
“…While Aldossri and Rahman [35] identified similar cybersecurity challenges in healthcare as Vilakazi and Adebesin [34], their research identified several key areas of concern in healthcare cybersecurity: human factors, technological vulnerabilities, data security and privacy, insider threats, and external attacks. The studies reviewed highlighted the critical need for staff training and awareness programs.…”
The Australian healthcare sector is a complex mix of government departments, associations, providers, professionals, and consumers. Cybersecurity attacks, which have recently increased, challenge the sector in many ways; however, the best approaches for the sector to manage the threat are unclear. This study will report on a semi-structured focus group conducted with five representatives from the Australian healthcare and computer security sectors. An analysis of this focus group transcript yielded four themes: 1) the challenge of securing the Australian healthcare landscape; 2) the financial challenges of cybersecurity in healthcare; 3) balancing privacy and transparency; 4) education and regulation. The results indicate the need for sector-specific tools to empower the healthcare sector to mitigate cybersecurity threats, most notably using a self-evaluation tool so stakeholders can proactively prepare for incidents. Despite the vast amount of research into cybersecurity, little has been conducted on proactive cybersecurity approaches where security weaknesses are identified weaknesses before they occur.
“…Because humans are considered the weakest link, smart healthcare providers must conduct regular training and awareness programs to educate healthcare professionals, patients, and other stakeholders about cyber threats and best security practices through lectures, seminars, and games [139][140] [168]. Smart healthcare users need high-quality education and training programs that include up-to-date information, tips, recommendations, and campaigns that are simple to remember and apply to prevent healthcare user-related cyber-attacks.…”
Section: Security Awareness and Trainingmentioning
confidence: 99%
“…For example, healthcare users are trained on phishing attacks, patient rights, sensitive patient medical data security, SHS or end-user device security, IoMT device and application protection, the risks associated with data breaches and cyberattacks, and best security practices for strong login credentials and network and Wi-Fi security [141]. Training healthcare professionals and patients on best security practices and potential cyber threats in SHSs can help reduce human error, prevent security breaches caused by social engineering attacks, avoid unintended medical data leaks, reduce cybersecurity incidents, and improve patient safety and well-being [168].…”
Section: Security Awareness and Trainingmentioning
Cutting-edge technologies have been widely employed in healthcare delivery, resulting in transformative advances and promising enhanced patient care, operational efficiency, and resource usage. However, the proliferation of networked devices and data-driven systems has created new cybersecurity threats that jeopardize the integrity, confidentiality, and availability of critical healthcare data. This review paper offers a comprehensive evaluation of the current state of cybersecurity in the context of smart healthcare, presenting a structured taxonomy of its existing cyber threats, mechanisms and essential roles. This study explored cybersecurity and smart healthcare systems (SHSs). It identified and discussed the most pressing cyber threats and attacks that SHSs face, including fake base stations, medjacking, and Sybil attacks. This study examined the security measures deployed to combat cyber threats and attacks in SHSs. These measures include cryptographic-based techniques, digital watermarking, digital steganography, and many others. Patient data protection, the prevention of data breaches, and the maintenance of SHS integrity and availability are some of the roles of cybersecurity in ensuring sustainable smart healthcare. The long-term viability of smart healthcare depends on the constant assessment of cyber risks that harm healthcare providers, patients, and professionals. This review aims to inform policymakers, healthcare practitioners, and technology stakeholders about the critical imperatives and best practices for fostering a secure and resilient smart healthcare ecosystem by synthesizing insights from multidisciplinary perspectives, such as cybersecurity, healthcare management, and sustainability research. Understanding the most recent cybersecurity measures is critical for controlling escalating cyber threats and attacks on SHSs and networks and encouraging intelligent healthcare delivery.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.