A Matter of Life and Death: Analyzing the Security of Healthcare Networks - ICT Systems Security and Privacy Protection
Conference Papers Year : 2020

A Matter of Life and Death: Analyzing the Security of Healthcare Networks

Abstract

Healthcare Delivery Organizations (HDOs) are complex institutions where a broad range of devices are interconnected. This inter-connectivity brings security concerns and we are observing an increase in the number and sophistication of cyberattacks on hospitals. In this paper, we explore the current status of network security in HDOs and identify security gaps via a literature study and two observational studies. We first use the literature study to derive a typical network architecture and the threats relevant to HDOs. Then we analyze in the first observational study data from 67 HDOs to highlight the challenges they face with regards to device security and management. The second study leverages the network traffic from 5 HDOs in order to point out a number of concrete observations which depict how patient data can be exposed and how cyber-physical attacks could impact patient health. Finally we offer in this paper a starting point for securing HDOs’ network.
Fichier principal
Vignette du fichier
497034_1_En_24_Chapter.pdf (1.42 Mo) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-03440820 , version 1 (22-11-2021)

Licence

Identifiers

Cite

Guillaume Dupont, Daniel Santos, Elisa Costante, Jerry Den Hartog, Sandro Etalle. A Matter of Life and Death: Analyzing the Security of Healthcare Networks. 35th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2020, Maribor, Slovenia. pp.355-369, ⟨10.1007/978-3-030-58201-2_24⟩. ⟨hal-03440820⟩
45 View
99 Download

Altmetric

Share

More