Ransomware: Impacts in healthcare critical infrastructure

Abstract

Ransomware attacks have a long history of impacting healthcare providers, despite the importance of the sector to contemporary societies. This chapter will outline the emergence of healthcare as an industry of critical infrastructure and provide specific examples and learnings from ransomware incidents that have impacted millions of patients - and cost millions of dollars - around the world. An examination is undertaken of healthcare data breach reporting schemes from the United States, United Kingdom, and Australia to evidence the prevalence of ransomware incidents. A detailed data breach correlation investigation is performed using the Australian evidence, showing that multiple causes recur around certain events to form a ransomware attack chain map for healthcare. Also presented is a PEST risk analysis, showing the motivations to conduct ransomware attacks against healthcare based on political, economic, social, or technological factors. The chapter concludes with a presentation of the cyber-AIDD governance approach, specifically intended for healthcare providers to address the interdependent problems of attack identification, incident management, and data breach or data disclosure mitigations.

RAS ID

77605

Document Type

Book Chapter

Date of Publication

12-23-2024

School

School of Science

Copyright

subscription content

Publisher

Taylor & Francis

Comments

Dart, M. (2024). Ransomware: Impacts in healthcare critical infrastructure. In M. Ahmed (Ed.), Ransomware evolution (pp. 50-89). CRC Press. https://doi.org/10.1201/9781003469506-6

Share

 
COinS
 

Link to publisher version (DOI)

10.1201/9781003469506-6