Cyberattack Path Generation and Prioritisation for Securing Healthcare Systems

Islam, Shareeful and Papastergiou, Spyridon and Kalogeraki, Eleni-Maria and Kioskli, Kitty (2022) Cyberattack Path Generation and Prioritisation for Securing Healthcare Systems. Applied Sciences, 12 (9). p. 4443. ISSN 2076-3417

[img]
Preview
Text
Published Version
Available under the following license: Creative Commons Attribution.

Download (1MB) | Preview
Official URL: http://dx.doi.org/10.3390/app12094443

Abstract

Cyberattacks in the healthcare sector are constantly increasing due to the increased usage of information technology in modern healthcare and the benefits of acquiring a patient healthcare record. Attack path discovery provides useful information to identify the possible paths that potential attackers might follow for a successful attack. By identifying the necessary paths, the mitigation of potential attacks becomes more effective in a proactive manner. Recently, there have been several works that focus on cyberattack path discovery in various sectors, mainly on critical infrastructure. However, there is a lack of focus on the vulnerability, exploitability and target user profile for the attack path generation. This is important for healthcare systems where users commonly have a lack of awareness and knowledge about the overall IT infrastructure. This paper presents a novel methodology for the cyberattack path discovery that is used to identify and analyse the possible attack paths and prioritise the ones that require immediate attention to ensure security within the healthcare ecosystem. The proposed methodology follows the existing published vulnerabilities from common vulnerabilities and exposures. It adopts the common vulnerability scoring system so that base metrics and exploitability features can be used to determine and prioritise the possible attack paths based on the threat actor capability, asset dependency and target user profile and evidence of indicator of compromise. The work includes a real example from the healthcare use case to demonstrate the methodology used for the attack path generation. The result from the studied context, which processes big data from healthcare applications, shows that the uses of various parameters such as CVSS metrics, threat actor profile, and Indicator of Compromise allow us to generate realistic attack paths. This certainly supports the healthcare practitioners in identifying the controls that are required to secure the overall healthcare ecosystem.

Item Type: Journal Article
Keywords: healthcare ecosystem, medical devices, cyberattack path, vulnerability, exploitability
Faculty: Faculty of Science & Engineering
SWORD Depositor: Symplectic User
Depositing User: Symplectic User
Date Deposited: 09 May 2022 08:46
Last Modified: 07 Jun 2022 10:44
URI: https://arro.anglia.ac.uk/id/eprint/707563

Actions (login required)

Edit Item Edit Item