The number of cyber-attacks around the world exploded in 2020: exploiting the Covid-19 pandemic as an opportunity for cybercriminals to take advantage of the shift in focus towards smart working and hospital staff transferred to the frontline.
This paper (July 2018) is an example of early research related to PANACEA, an H2020 funded research and innovation project, carried out by partners from Northumbria University. It highlights the critical role of cybersecurity in protecting patient safety from vulnerabilities in IT systems and malicious attacks, as well as new EU legislation prioritising safety and security.
Abstract: Electronic healthcare technology is prevalent around the world and creates huge potential to improve clinical outcomes and transform care delivery. However, there are increasing concerns relating to the security of healthcare data and devices. Increased connectivity to existing computer networks has exposed medical devices to new cybersecurity vulnerabilities.
Conclusions: Healthcare is an attractive target for cybercrime for two fundamental reasons: it is a rich source of valuable data and its defences are weak. Cybersecurity breaches include stealing health information and ransomware attacks on hospitals, and could include attacks on implanted medical devices. Breaches can reduce patient trust, cripple health systems and threaten human life. Ultimately, cybersecurity is critical to patient safety, yet has historically been lax.
New legislation and regulations are in place to facilitate change. This requires cybersecurity to become an integral part of patient safety. Changes are required to human behaviour, technology and processes as part of a holistic solution.
PANACEA Research perspectives: This is an important background paper for PANACEA, highlighting trends in threats targeting the healthcare industry. With the support of experts from Northumbria University, PANACEA is developing a new toolkit for Secure Behaviour Nudging based on evidence-based techniques and methodologies built around established psychological theories.
Keywords: Cybersecurity breaches; Electronic health records; Medical devices; EU legislation.
Lookout Watch entry date: 07/08/2019