Cyber-Physical Security in Healthcare

Cyber-Physical Security in Healthcare

Vasiliki Mantzana (Center for Security Studies (KEMEA), Greece), Eleni Darra (Center for Security Studies (KEMEA), Greece) and Ilias Gkotsis (Center for Security Studies (KEMEA), Greece)
Copyright: © 2020 |Pages: 25
DOI: 10.4018/978-1-7998-3059-7.ch003

Abstract

The healthcare sector has been considered a part of critical infrastructure (CI) of society and has faced numerous physical-cyber threats that affect citizens' lives and habits, increase their fears, and influence hospital services provisions. The two most recent ransomware campaigns, WannaCry and Petya, have both managed to infect victims' systems by exploiting existing unpatched vulnerabilities. It is critical to develop an integrated approach in order to fight against combination of physical and cyber threats. In this chapter, key results of the SAFECARE project (H2020-GA787005), which aims is to provide solutions that will improve physical and cyber security, to prevent and detect complex attacks, to promote incident responses and mitigate impacts, will be presented. More specifically, healthcare critical asset vulnerabilities; cyber-physical threats that can affect them; architecture solutions, as well as, some indicative scenarios that will be validated during the project will be presented.
Chapter Preview
Top

Introduction

Critical infrastructure (CI) is an asset or system which is essential for the maintenance of vital societal functions. The damage to a CI, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behavior, may have a significant negative impact for the security of the EU and the well-being of its citizens. Over the last decade, healthcare sector has been considered as a CI and the most vulnerable one, facing numerous physical-cyber threats that affect citizens’ lives and habits, increase their fears and influence hospital services provision. Healthcare sector as a CI is safeguarding people, services, systems and physical infrastructure providing vital operation to the health services.

Health sector is responsible for delivering services that improve, maintain or restore the health of individuals and their communities (World Health Organisation, 2019). These services are large and complex, affect and get affected by multiple interacting actors, such as doctors, nurses, patients, citizens, medical suppliers, health insurance providers etc., with different backgrounds, knowledge, organizational beliefs, interests and culture. Health systems could provide services that are personal and non-personal. Personal health services can be therapeutic or rehabilitative and are delivered to patients and citizens individually. Non-personal health services are actions applied to individuals or collectives and might refer to health education (Peters, Kandola, Elmendorf, & Chellaraj, 1999).

Health services are widely relying on information systems (IS) to optimize organization and costs, whereas ethics and privacy constraints severely restrict security controls and thus increase vulnerability.

Threats in the healthcare sector can result in economic damage, human casualties, property destruction, and hospital assets functionality disruption that can produce cascading effects and harm patients’ and citizens’ confidence. Today, healthcare landscape is facing major threats, which cannot be analyzed as physical or cyber independently, and therefore it is critical to develop an integrated approach in order to fight against such combination of threats. Cyber-physical attacks are the results of the exploitable vulnerabilities that need to be considered by hospitals.

In this chapter, we will focus on a framework related to the enhancement of Hospitals’ security and resilience, and respective solutions that will improve physical and cyber security to prevent and detect complex attacks, to promote incident responses and mitigate the impacts, based on the work implemented and further foreseen under SAFECARE project (H2020-GA787005),. In these terms, we will initially analyze the normative literature on CI and healthcare sector security and safety challenges and protection. In doing this, we will present healthcare critical assets’ vulnerabilities and describe cyber-physical threats that can affect them (as they have been identified in SAFECARE). In addition, SAFECARE architecture solution will be presented, including a cyber-physical security system and proposed strategies that can boost their protection; avoid threats’ cascading effects; enhance internal and external stakeholders’ communication and response; mitigate impacts; and maintain healthcare services secure and available to citizens. Finally, some representative scenarios that will be validated during the project will be analyzed.

Key Terms in this Chapter

Threat: Potential cause of an unwanted incident, which may result in harm to individuals, assets, a system or organization, the environment or the community.

Incident: Situation that can be, or could lead to, a disruption, loss, emergency or crisis

Hospital: An institution providing medical and surgical treatment and nursing care for sick or injured people.

Cyber Incident: A cyber event that: a) jeopardizes the cyber security of an information system or the information the system processes, stores or transmits; or b) violates the security policies, security procedures or acceptable use policies, whether resulting from malicious activity or not.

Healthcare: Healthcare is defined as the prevention and treatment of diseases through medical professional services.

Prevention: Measures that enable an organization to avoid, preclude or limit the impact of an undesirable event or potential disruption

Vulnerability: Weakness of an asset or control that can be exploited by one or more threats. The existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the computer system, network, application, or protocol involved.

Asset: Something of either tangible or intangible value that is worth protecting, including people, information, infrastructure, finances and reputation.

Cyber: Relating to, within, or through the medium of the interconnected information infrastructure of interactions among persons, processes, data, and information systems.

Attack: Attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset

Complete Chapter List

Search this Book:
Reset