During a crisis or ongoing disaster, field hospitals and emergency response IT infrastructure can face cybersecurity challenges just as any other IT infrastructure, but with life or death consequences. Hackers and scammers hoping to exploit vulnerabilities can disrupt critical healthcare services during the emergency. Research in the International Journal of Emergency Management, looks at the growing concerns surrounding cybersecurity of medical devices, health data, and overall healthcare infrastructure.
Nasir B. Ahmed, Nicolas Daclin, and Gilles Dusserre of the Laboratoire des Sciences des Risques in Alès, and Marc Olivaux of the Université de Nîmes, Nîmes, France, highlight how healthcare systems are targets for cyberthreat actors partly because of the invaluable data they hold. Weak defences in these critical systems provide avenues for unauthorized access and potential harm, such as the implementation of ransomware or comprising patient and healthcare worker privacy for financial gain.
Of course, all IT infrastructure is vulnerable to such threats, but during the chaos of an emergency situation, third-parties can exploit human as well as technological vulnerabilities to access healthcare infrastructure for malicious ends. The team reports on the various techniques that cyberthreat actors might use in such circumstances., These range from sophisticated social engineering campaigns to physical and technical attacks on emergency response IT infrastructure.
The team emphasises that urgent action is needed to bolster cybersecurity measures in field hospitals and emergency response operations. Investment is needed in advanced security technologies, regular vulnerability audits, and comprehensive cybersecurity training for personnel. They point out that collaboration between healthcare institutions, emergency response agencies, and cybersecurity experts could be the way forward to help mitigate potentially lethal cyber threats. By sharing threat intelligence and best practices, those involved can build a united front against cyber threats and so boost the resilience of healthcare systems during a crisis.
Cyberthreats are continuously evolving, so there also needs to be continuous evaluation of cybersecurity measures and strategies in place. It is important that those running security systems for emergency healthcare keep ahead of the threats and act quickly as new and sophisticated threats emerge. Only by being vigilant and proactive can emergency response operations be safeguarded against threats.
Ahmed, N.B., Daclin, N., Olivaux, M. and Dusserre, G. (2023) ‘Cybersecurity challenges for field hospitals: impacts of emergency cyberthreats during emergency situations’, Int. J. Emergency Management, Vol. 18, No. 3, pp.274–292.