Analyzing the Vulnerability of U.S. Hospitals to Social Engineering Attacks: How Many of Your Employees Would Share Their Password?

Analyzing the Vulnerability of U.S. Hospitals to Social Engineering Attacks: How Many of Your Employees Would Share Their Password?

B. Dawn Medlin (Appalachian State University, USA), Joseph A. Cazier (Appalachian State University, USA) and Daniel P. Foulk (Appalachian State University, USA)
Copyright: © 2008 |Pages: 13
DOI: 10.4018/jisp.2008070106
OnDemand PDF Download:
$37.50

Abstract

One of the main threats to keeping health information secure in today’s digital world is that of social engineering. The healthcare industry has benefitted from its employees’ ability to view patient data. Although access to and transmission of patient data may improve care, increase delivery time of services and reduce health care costs, security of that information may be jeopardized due to the innocent sharing of personal and non-personal data with the wrong person. Through the tactic of social engineering, hackers are able to obtain information from employees that may allow them access into the hospitals networked information system. In this study we simulate a social engineering attack in five different hospitals of varying sizes with the goal of obtaining employees passwords. 73% of respondents shared their password. This raises serious concerns about the state of employee security awareness in our healthcare system.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 11: 4 Issues (2017): Forthcoming, Available for Pre-Order
Volume 10: 4 Issues (2016)
Volume 9: 4 Issues (2015)
Volume 8: 4 Issues (2014)
Volume 7: 4 Issues (2013)
Volume 6: 4 Issues (2012)
Volume 5: 4 Issues (2011)
Volume 4: 4 Issues (2010)
Volume 3: 4 Issues (2009)
Volume 2: 4 Issues (2008)
Volume 1: 4 Issues (2007)
View Complete Journal Contents Listing