RESEARCH

The accelerating rate of digitalization

Cornerstone of the 21st century
the intersection between technological integration and
vulnerabilities of health services warrants immediate attention
and actions.
Address an issue which transcends borders and poses a risk to
global welfare
This technological transformation aims to elevate the quality and
availability of medical treatments
In such a backdrop, COVID-19 placed even further strain on the
healthcare industry
Cyberdefense, cybersecurity, build/ implement cyber- resilience,
robust cybersecurity measures
The problems have not been solved due to
a) Lack of comprehensive cooperation
b) Lack of recognized treaties
c) An incomplete coordination between IT professionals and
healthcare sector ( specialized data regulations, healthcare
workers)
Threats of cybersecurity
a) Financial losses deeply concerning domestic economies and
international communities (HIPAA Journal reporting an
average cost of $4.24 million per breach in 2022), place a
significant financial burden on already strained healthcare
system
b) The public leakage (the list of renowned athletes in the
World Anti-Doping agency (WAG)
c) Healthcare data and welfare systems can be hijacked for
the furtherance of certain political agendas ( cyberterrorists
 infiltrated NHS websites and uploaded images related to
the Syrian civil war)
d) Impede medical operations and patient care by making
access to digital databases impossible for the staff
e) The risk of medical devices being employed in advanced
cyberwarfare strategies ( in the case of Australia where
medical card numbers were found available on the dark
web)
f) Jeopardize patients’ health and research efforts
g) Erode patient trust in healthcare providers (reputational
damage) (make patients reluctant to disclose fully their
conditions) -> deteriorate mental disorders,.. defer
individuals from seeking essential treatment
they are usually considered the most sophisticated
cybersecurity threats due to their substantial resources
(sensitive (sexual dietary) or valuable information
(identification, medications, misuse of ensurances)) and
capacity for large-scale breaches over prolonged periods
of time with little risk of detection
While electronic records provide certain advantages over
conventional paper ones, namely the ability to conveniently
monitor staff’s involvement in patient's treatment, it has also
intensified the risks of potential breaches by allowing unfettered
remote access through online databases.
Malicious, political, mercenary reasons

Most vulnerable target

Examples:
+March, 2020 the servers of the US Department of Health and
Human Services (HHS) experienced a massive distributed denial-
of-service (DDoS) attack
 Global view
 Historical context
Healthcare industry has long been an inviting target for
cyberattacks due to
+ possess a comprehensive source of valuable and
sensitive information
+ historically slower than others on adopting novel more
secured technologies due to lengthy purchase cycles and
stringent restrictions. ( obsolete unsupporting operating
systems )
+ Check Point research found an ultrasound machine
running a Windows 2000 OS that no longer receive
security patches (which means successful infiltration of
this device is synonymous with potential myriad problems
like leaked personal information, ransomware,
misconducted medical machines,.. )
Covid-19 placed even further strain on the healthcare
industry (2020 witnessed a staggering 42% increase in
data breaches in healthcare due to global pandemic)
+ April 2020, a cyberattack targeted the University
Hospital in Brno, one of the largest centers for Covid-19
blood testing in the Czech Republic, leading to the
cancellation of several surgical operations as doctors
couldn’t process coronavirus tests after the attack.
To alleviate the challenge, healthcare organizations
provide security guidance to their staff, and governments
also provision individuals and organisations with this.
+ UK, National Health Service (NHS) Digital added
guidance on working from home security, ramping up its
on-site support for trusts on risk mitigation, data backup
and threat response as well as offering free NCSC’s
Protective Domain Name Service to the NHS
The health sector had established security policies and
legislation in place for cybersecurity management,
available to protect medical cyber-physical systems
+ The US Congress passed the 21st Century Cures Act
with the goals of facilitating the interoperability of of
electronic health data, safeguarding cybersecurity and
privacy
Healthcare organisations were advised to possess risk
management programmes by adopting standard
frameworks such as the National Institute of Standards
and Technology (NIST) and the Health Insurance
Portability and Accountability Act (HIPAA)
 Current situation
Recent decades have experienced a substantial surge in
the number of cybersecurity attacks in the healthcare
sector of various members states
Global attacks have registered a 28% rise since 2022
In 2022 alone, there were 571 confirmed incidents with
system intrusion representing 87% of total cases
Singapore-based Cyber Risk Management (CyRiM) found
that healthcare was the sector with the second highest
losses incurred malware attacks with $10 billion damages
worldwide
Most prominent types of attack is basic web application
attack, with the most prevalent being broken
authentication and security misconfiguration
The strongest motivation(instead of malpractice or
human fallibilities) seems to be financial gain as data
from the welfare sector are estimated to be higher than
any other data gleaned from the Internet
 Past actions
+ United Nations General Assembly: adopted the
Resolution 73/218 (2019) “ICT for sustainable
development”; “encourage strengthened and continuing
cooperation between and among stakeholders from both
developed and developing countries”
+ Word Health Organization (WHO):
Possess authority and adeptness in surveillance and
monitoring, developing guidelines, policies, risk
assessment, etc
In May 2018, the Health Assembly adopted resolution
WHA 71.7 in digital health which was a global strategy
identifying priority areas including where WHO should
focus its efforts
WHO aims to improve the digital skills of all citizens
through working with civil society to build public trust
The Member States of the WHO, in this resolution, noted
the urge to develop, as appropriate, legislation and/or
data protection policies around issues regarding digital
health such as cyberattacks, illegal data access and so
on.
After 3 years since the adoption of the above resolution,
the WHO introduced a comprehensive 2020-2025 Global
Strategy on Digital Health with four objectives
The strategy emphasizes the need to create multi-level
mechanisms for collaboration on global, regional, national
level. Regarding the countries that currently lack
resources and infrastructure, the Global Strategy
promotes other countries to establish good sharing
networks to review and adopt more updated, inclusive
national cyber frameworks
Success lies in the commitment of the stakeholders and
smart measures by each Member State
+ The ITU: In 2021, the ITU introduced the publication
“Guide to developing a National Cybersecurity Strategy
2nd Edition – Strategic engagement in cybersecurity”
which mentioned the healthcare sector of Member States
need to establish a risk-management approach to
identifying and protecting critical infrastructure. Hence,
the ITU is working with Member States with a view to
establishing and strengthening each country’s National
Computer Incident Response Teams (CIRTs)
 Bloc Positions
a) Developed countries
Compared to developing countries, developed ones
generally gained an edge, achieved superior overall
cybersecurity maturity due to
+ relatively stable financial capacity, which leverages
their proactive investment in protective measures
( evidence: The dominance of North American countries
like USA, Canada in the revenue share of the healthcare
cybersecurity market as of 2021)
+ advanced healthcare infrastructure
+ robust legal systems ( the Healthcare insurance
portability and accountability act (HIPAA), enacted by the
United States federal government, can be perceived as a
role model of a stringent, impactful law for introducing
high levels of standardization on a national scale)
However, it is incontrovertible that developed nations
often become susceptible to ambitious cyber-attacks due
to the vast repository of valuable and sensitive healthcare
data.
Drives behind these cyberattacks
+ majorly monetization
+ cyber espionage
+ healthcare algorithms training
+ intellectual property (IP) infringement
b) Developing countries
Orangeworm and APT22 are cybercrime alliances that
target healthcare organizations in Asia by using malware
mainly in India and Saudi Arabia
The same situation is notable in the remaining countries,
whose healthcare institutions had to switch to manual
processing after the main server suffered from
cyberattacks. (The Mexican, Brazilian and Indonesian
governments lacks a clear stance on strategy on health
cybersecurity and have weakened regulatory oversight of
the ICT sector. )
There is lack of tangible framework, policies and
regulations to develop the widespread use of ICT
(information and communication technology) among the
countries’ citizens.
Lack of trust, coupled with the lack of trained personnel
and specialized infrastructure in cybersecurity
Fail example: South Africa’s cyber laws are coordinated
by different government agencies, creating windows of
opportunities for inconsistencies, fragmentation and
misalignment, thus weakening initiatives for an effective
national cybersecurity strategy
Successful example: Nigeria, with the adoption of
globally-recognized National Institute of Standards and
Technology (NIST) Cybersecurity Framework, a
comprehensive guidelines dealing with all entities from
hospital to patients and other stakeholders
 Lesson: to achieve the national strategic goals of
building technical cybersecurity capacities, four
cybersecurity frameworks should be developed in
parallel including:
+ Risk Management Framework
+ Incident Response Framework
+ Information Sharing Framework
+ Capability Building Framework
 Healthcare institutions can be proactive by
implementing intrusion detection and prevention
systems such as NIST in Nigeria to
+ monitor their networks for suspicious activities
 + generate alerts to them
+ automatically launch the predefined
countermeasure to a potential cyberattack.
 Possible approaches
1. Measures
a) Preventative measures
+ assess the efficiency of national policies and
legislation regarding the current context of each
country and the world would allow regions to defect
flaws and further leverage their strengths
+ governments should incorporate technological
advancements in to design suitable and medical
devices that are up to standard criteria
(securing stable IT foundation of infrastructures,
devices: anti-virus, backup and restoration of
files/data, data loss prevention, email gateway,
encryption at rest, etc)
+ promote a risk-based approach: identify priorities
in the processes of vulnerability management, patch
management, penetration testing and increase the
resilience in the face of disasters including
epidemics, natural catastrophes…
+ heighten the awareness and broaden
cybersecurity-related knowledge of healthcare
workers
b) Proactive measures
Through reports of incidents, authorized bodies should
be able to analyse and exchange cases of cyber crimes
They can react quickly to unfortunate cases and
minimize risks by
 + Applying technical controls and devices to ensure
cryptographic security across network systems
+ Infuse homomorphic encryption, blockchain, network
segmentation into the sector’s control system
+ Apply advanced security measures such as anti-theft
apparatus, disaster recovery, digital forensics, etc
2. Fostering cooperation and
collaboration between stakeholders at
the national and international level
a) National scale
Countries and regions can promote partnerships between
the authorities and different stakeholders. This can
involve
+ Assessing the efficiency of existing normative, legal,
and policy frameworks and making amendments
+ Implementing new policies depending on the
circumstances of each country.
+ Having alternative and backup solutions in case of
emergencies pertaining to cyber fraud
b) International scale
+ Maintaining effective channels of communication
about the secure usage and control of cyber networks in
healthcare affairs among countries’ authorities, and
trading partners.
+ Harmonizing cybersecurity in healthcare sector
legislation between countries in the same region with
relevant international agreements may minimize the risks
of fraud.
+ Reporting any incidents of cyber criminals happening
in Member States’ channels to the WHO can help
contribute valuable information that promotes the
identification of patterns, trends, and emerging threats,
thereby enabling timely intervention, preventing further
damage and minimizing the impact.