Accepted for/Published in: Journal of Medical Internet Research
Date Submitted: Jun 23, 2020
Date Accepted: Feb 21, 2021
Date Submitted to PubMed: Mar 25, 2021
Healthcare Cyber Security Challenges and Solutions Under the Climate of COVID19: A Scoping Review
ABSTRACT
Background:
Coronavirus disease (COVID-19) has been an unprecedented challenge to the global health care system. It has further challenged the resilience of the healthcare information system (HIS), which has affected the ability to achieve the global sustainable goal of health and wellbeing. This research is motivated by the recent security incidents that happened to the hospitals, pharmaceutical companies, the US Department of Health and Human Services, the World Health Organization (WHO) and its partners, etc.
Objective:
This study aims to assess the security incidents, identify the challenges and provides cybersecurity recommendations to support the healthcare sector against the heightened cybersecurity risk realised through associated threats, including phishing campaigns and ransomware attacks which have been adapted to exploit vulnerabilities in technology and people introduced through changes to working practices dealing with the current COVID-19 pandemic.
Methods:
We performed a review of the topic of health sector security challenges and recommendations during COVID 19, through the searches of two major scientific databases (PubMed and Scopus) references from relevant articles using the search terms “healthcare” and “cybersecurity”. Reports, news articles, or websites were also included only when they related directly to previously published work, or they were the only currently available information source at the moment of manuscript preparation. Only articles in English in the later decade were included, i.e. 2010-2020, in order to focus on the current issues, challenges and solutions.
Results:
This research concluded that the most prominent and significant methods of attack and threats of the security incidents that happened during COVID 19 are related to phishing, ransomware, distributed denial of service attack and malware. We have identified challenges (8 themes) that have led to the incidents. The health sector have implemented some solutions (8 themes) to address these challenges. However, more efforts are needed in improving some aspects (4 themes) to strengthen their cybersecurity capacity.
Conclusions:
This research identified the most prominent and significant methods of attack and threats related to the security incidents that impacted the health sector initially during the COVID 19 pandemic, the cybersecurity challenges, solutions as well as the areas that require further efforts in the community. This provides useful insights to the health sector to address their cybersecurity issues during the COVID 19 pandemic as well as other epidemics or pandemics that may materialise in the future.
Citation
Request queued. Please wait while the file is being generated. It may take some time.
Copyright
© The authors. All rights reserved. This is a privileged document currently under peer-review/community review (or an accepted/rejected manuscript). Authors have provided JMIR Publications with an exclusive license to publish this preprint on it's website for review and ahead-of-print citation purposes only. While the final peer-reviewed paper may be licensed under a cc-by license on publication, at this stage authors and publisher expressively prohibit redistribution of this draft paper other than for review purposes.