Cyber-attacks and threats for healthcare – a multi-layer thread analysis

Spanakis, Emmanouil G.; Bonomi, Silvia; Sfakianakis, Stelios; Santucci, Giuseppe; Lenti, Simone; Sorella, Mara; Tanasache, Florin Dragos; Palleschi, A; Ciccotelli, Claudio; Sakkalis, Vangelis; Magalini, Sabina

doi:10.1109/embc44109.2020.9176698

Cited by 25 publications

(28 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The impact of digital technologies and the adoption of digitalisation strategies has enabled healthcare organisations to deliver teleconsultation and tele-expertise, store patient records in an electronic format and interface with connected health devices [ 33 ]. The pervasive nature of digital technologies requires a detailed analysis of the different risk assessment methodologies being adopted within healthcare organisations.…”

Section: Resultsmentioning

confidence: 99%

“…According to ISO/IEC 27000:2018 standard [ 63 ], information security is defined as the measure of confidentiality preserved along with the integrity and availability of data processed by computer systems. However, in a complex organisation of healthcare systems, a broader terminology should be adopted [ 33 ]. Historically, threats to healthcare organisations were classified into physical, such as fire or power interruption, unauthorised physical or electronic access, and authorised physical or electronic access [ 64 ].…”

Section: Resultsmentioning

confidence: 99%

“…Since the publication of such a categorisation of risk assessment, the nature of threats have evolved; currently, the challenges faced by healthcare organisations are related to cyber attacks. In the development of a risk-assessment methodology, authors in [ 33 ] argued that it is vital to model different forms of threat. They stated that threat intelligence should be built on evidence-based knowledge, which includes context, mechanisms, indicators, implications and actionable advice on the emerging menace or hazard to assets.…”

Section: Resultsmentioning

confidence: 99%

“…They stated that threat intelligence should be built on evidence-based knowledge, which includes context, mechanisms, indicators, implications and actionable advice on the emerging menace or hazard to assets. In the literature, there have been several attempts reported on formalising the threat modelling methodologies and threat classification models, such as Structured Threat Information eXpression (STIX), Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE), Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege (STRIDE), the Trike conceptual framework for security auditing, and Visual, Agile, and Simple Threat Modelling (VAST) [ 33 , 64 ]. In [ 64 ], a detailed analysis of the threat modelling process to be adopted for the development of cyber risk assessment is presented.…”

Section: Resultsmentioning

confidence: 99%

See 3 more Smart Citations

Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review

Nifakos

Chandramouli

Nikolaou

et al. 2021

Sensors

107

View full text Add to dashboard Cite

Background: Cybersecurity is increasingly becoming a prominent concern among healthcare providers in adopting digital technologies for improving the quality of care delivered to patients. The recent reports on cyber attacks, such as ransomware and WannaCry, have brought to life the destructive nature of such attacks upon healthcare. In complement to cyberattacks, which have been targeted against the vulnerabilities of information technology (IT) infrastructures, a new form of cyber attack aims to exploit human vulnerabilities; such attacks are categorised as social engineering attacks. Following an increase in the frequency and ingenuity of attacks launched against hospitals and clinical environments with the intention of causing service disruption, there is a strong need to study the level of awareness programmes and training activities offered to the staff by healthcare organisations. Objective: The objective of this systematic review is to identify commonly encountered factors that cybersecurity postures of a healthcare organisation, resulting from the ignorance of cyber threat to healthcare. The systematic review aims to consolidate the current literature being reported upon human behaviour resulting in security gaps that mitigate the cyber defence strategy adopted by healthcare organisations. Additionally, the paper also reviews the organisational risk assessment methodology implemented and the policies being adopted to strengthen cybersecurity. Methods: The topic of cybersecurity within healthcare and the clinical environment has attracted the interest of several researchers, resulting in a broad range of literature. The inclusion criteria for the articles in the review stem from the scope of the five research questions identified. To this end, we conducted seven search queries across three repositories, namely (i) PubMed®/MED-LINE; (ii) Cumulative Index to Nursing and Allied Health Literature (CINAHL); and (iii) Web of Science (WoS), using key words related to cybersecurity awareness, training, organisation risk assessment methodologies, policies and recommendations adopted as counter measures within health care. These were restricted to around the last 12 years. Results: A total of 70 articles were selected to be included in the review, which addresses the complexity of cybersecurity measures adopted within the healthcare and clinical environments. The articles included in the review highlight the evolving nature of cybersecurity threats stemming from exploiting IT infrastructures to more advanced attacks launched with the intent of exploiting human vulnerability. A steady increase in the literature on the threat of phishing attacks evidences the growing threat of social engineering attacks. As a countermeasure, through the review, we identified articles that provide methodologies resulting from case studies to promote cybersecurity awareness among stakeholders. The articles included highlight the need to adopt cyber hygiene practices among healthcare professionals while accessing social media platforms, which forms an ideal test bed for the attackers to gain insight into the life of healthcare professionals. Additionally, the review also includes articles that present strategies adopted by healthcare organisations in countering the impact of social engineering attacks. The evaluation of the cybersecurity risk assessment of an organisation is another key area of study reported in the literature that recommends the organisation of European and international standards in countering social engineering attacks. Lastly, the review includes articles reporting on national case studies with an overview of the economic and societal impact of service disruptions encountered due to cyberattacks. Discussion: One of the limitations of the review is the subjective ranking of the authors associated to the relevance of literature to each of the research questions identified. We also acknowledge the limited amount of literature that focuses on human factors of cybersecurity in health care in general; therefore, the search queries were formulated using well-established cybersecurity related topics categorised according to the threats, risk assessment and organisational strategies reported in the literature.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Resultsmentioning

confidence: 99%

Section: Resultsmentioning

confidence: 99%

Section: Resultsmentioning

confidence: 99%

See 2 more Smart Citations

Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review

Nifakos

Chandramouli

Nikolaou

et al. 2021

Sensors

107

View full text Add to dashboard Cite

show abstract

“…The availability of health-care information and patient records in digital form facilitates the persistence and posterity of valuable information and greatly support the decision-making process and even the extraction of new knowledge at both the individual and population levels. In our previous work, we have emphasized on current state of the art about cyber security in the health-care domain with emphasis on current threats and methodologies (3). This work is paraphrasing the famous words by John Donne, "no IT system is an island, entire of itself."…”

Section: Introductionmentioning

confidence: 99%

Emerging and Established Trends to Support Secure Health Information Exchange

Spanakis

Sfakianakis

Bonomi

et al. 2021

Front. Digit. Health

Self Cite

View full text Add to dashboard Cite

This work aims to provide information, guidelines, established practices and standards, and an extensive evaluation on new and promising technologies for the implementation of a secure information sharing platform for health-related data. We focus strictly on the technical aspects and specifically on the sharing of health information, studying innovative techniques for secure information sharing within the health-care domain, and we describe our solution and evaluate the use of blockchain methodologically for integrating within our implementation. To do so, we analyze health information sharing within the concept of the PANACEA project that facilitates the design, implementation, and deployment of a relevant platform. The research presented in this paper provides evidence and argumentation toward advanced and novel implementation strategies for a state-of-the-art information sharing environment; a description of high-level requirements for the transfer of data between different health-care organizations or cross-border; technologies to support the secure interconnectivity and trust between information technology (IT) systems participating in a sharing-data “community”; standards, guidelines, and interoperability specifications for implementing a common understanding and integration in the sharing of clinical information; and the use of cloud computing and prospectively more advanced technologies such as blockchain. The technologies described and the possible implementation approaches are presented in the design of an innovative secure information sharing platform in the health-care domain.

show abstract

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Javorník

Husák

2022

Engineering Reports

View full text Add to dashboard Cite

We present an approach to decision support in cybersecurity with respect to cyber threats and stakeholders' requirements. We approach situations in which cybersecurity experts need to take actions to mitigate the risks, such as temporarily putting an IT system out of operation, but need to consult them with other stakeholders. We propose a decision support system that uses a mission decomposition model representing the organization's functional and security requirements on its IT infrastructure. Based on the cybersecurity state assessment, that is, discovery of vulnerabilities and attacker's position, the decision support system calculates the resilience metrics for each IT infrastructure's configuration, that is, how likely are they to not be disrupted. The calculation is enabled by two novel formal models, Privilege-Exploit Attack Graph and Bayesian Privilege Attack Graph, which reduce complex attack graphs into a comprehensible bipartite graph. Moreover, they illustrate the impact of exploiting the vulnerabilities and attackers gaining the privileges. The system recommends the most resilient mission configurations that are comprehensible to both cybersecurity experts and non-technical stakeholders, who may then choose which configuration to apply. Our approach is illustrated in a case study of a real-world medical information system.

show abstract

Cyber-attacks and threats for healthcare – a multi-layer thread analysis

Cited by 25 publications

References 13 publications

Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review

Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review

Emerging and Established Trends to Support Secure Health Information Exchange

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Contact Info

Product

Resources

About