A Matter of Life and Death: Analyzing the Security of Healthcare Networks

Guillaume Dupont, Daniel Ricardo dos Santos, Elisa Costante, Jerry den Hartog, Sandro Etalle

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

Abstract

Healthcare Delivery Organizations (HDOs) are complex institutions where a broad range of devices are interconnected. This inter-connectivity brings security concerns and we are observing an increase in the number and sophistication of cyberattacks on hospitals. In this paper, we explore the current status of network security in HDOs and identify security gaps via a literature study and two observational studies. We first use the literature study to derive a typical network architecture and the threats relevant to HDOs. Then we analyze in the first observational study data from 67 HDOs to highlight the challenges they face with regards to device security and management. The second study leverages the network traffic from 5 HDOs in order to point out a number of concrete observations which depict how patient data can be exposed and how cyber-physical attacks could impact patient health. Finally we offer in this paper a starting point for securing HDOs’ network.

Original languageEnglish
Title of host publicationICT Systems Security and Privacy Protection - 35th IFIP TC 11 International Conference, SEC 2020, Proceedings
EditorsMarko Hölbl, Tatjana Welzer, Kai Rannenberg
PublisherSpringer Science and Business Media Deutschland GmbH
Pages355-369
Number of pages15
ISBN (Print)9783030582005
DOIs
Publication statusPublished - 2020
Event35th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2020 - Maribor, Slovenia
Duration: 21 Sep 202023 Sep 2020

Publication series

NameIFIP Advances in Information and Communication Technology
Volume580 IFIP
ISSN (Print)1868-4238
ISSN (Electronic)1868-422X

Conference

Conference35th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2020
CountrySlovenia
CityMaribor
Period21/09/2023/09/20

Keywords

  • Healthcare
  • Medical devices
  • Network security

Fingerprint Dive into the research topics of 'A Matter of Life and Death: Analyzing the Security of Healthcare Networks'. Together they form a unique fingerprint.

Cite this