8. Security Challenges for the Critical Infrastructures of the Healthcare Sector

By Eva Maia | Isabel Praça | Vasiliki Mantzana | Ilias Gkotsis | Paolo Petrucci | Elisabetta Biasin | Erik Kamenjasevic | Nadira Lammari

Downloaded: 2463 times

Published: 17 Sep 2020

© 2020 Eva Maia | Isabel Praça | Vasiliki Mantzana | Ilias Gkotsis | Paolo Petrucci | Elisabetta Biasin | Erik Kamenjasevic | Nadira Lammari

Abstract

Healthcare organisations are an easy target for cybercrime due to their critical and vulnerable infrastructure. Increasing digitalisation has led to the emergence of several security challenges. It is crucial to identify these critical challenges, not only from a technical point of view but also from a legal and management perspective. Recognition of the threats that may arise is also important to be able to fight cybercrime. Not just physical and/or cyber threats are relevant but also the combination of both. It is important to understand how they can impact and destabilise health services, and how they are being used by attackers to achieve their aims. This chapter provides a brief introduction to the critical challenges in the healthcare sector, and a list of recent security incidents. Five main groups of threats and a critical assets categorisation are also presented. Finally, the EBIOS methodology is introduced and used to describe two relevant cyber-physical scenarios of threat.