Abstract
Technology runs much of modern society’s daily functions due to how efficient, reliable, and easy it is to access and manage content anywhere at any time. This rapid growth has created an emphasis on cybersecurity to ensure data integrity in today’s digital realm and the future to come. Since more industries are relying on technology, cybersecurity is becoming more utilized as the foundation for success for many companies and individuals alike. However, as these new avenues for communication become part of daily life, cyber threats have also become more prevalent. One of these avenues affected includes healthcare telemedicine (Annaswarmy et al. 2020) which during COVID-19 pandemic provides patients with more convenient methods of medical services. To prevent cyber-attacks on these services through social engineering, among several defense techniques, including machine learning (ML), are being researched to mitigate the effects of human error. This paper provides recent social engineering attacks on healthcare systems, devices, and telemedicine services; and highlights the potential of machine learning in defending against social engineering attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alder, S.: Saint agnes health care hack exposes 25000 HIPAA records (2015). https://www.hipaajournal.com/saint-agnes-healthcare-hack-exposes-25000-hipaa-records-5663/
Annaswarmy, T.M., Verduzco-Gutierrez, M., Frieden, L.: Telemedicine barriers and challenges for persons with disabilities: Covid 19 and beyond, October 2020. https://www.sciencedirect.com/science/article/abs/pii/S1936657420301047?via%3Dihub
AVSystem. IoT standards and protocols guide — protocols of the Internet of Things (2019). www.avsystem.com/blog/iot-protocols-and-standards
Ayoade, G., et al.: Evolving advanced persistent threat detection using provenance graph and metric learning. In: 2020 IEEE Conference on Communications and Network Security (CNS) (2020). https://doi.org/10.1109/cns48642.2020.9162264. https://ieeexplore
Brown, N.: Phishing attacks are targeting healthcare... again (2020). https://www.nextech.com/blog/phishing-attacks-are-targeting-healthcare-again
Cihodariu, M.: What is social engineering: the tactics used to manipulate you (2020). https://heimdalsecurity.com/blog/what-is-social-engineering-tactics/
Cimpanu, C.: Phishing campaigns, from first to last victim, take 21h on average (2020). https://www.zdnet.com/article/phishing-campaigns-from-first-to-last-victim-take-21h-on-average/
Clarkson, K.: Phishing and security risks in telehealth and video communication (2020). https://www.pulsara.com/blog/phishing-and-security-risks-in-telehealth-and-video-communication
Cowart, H.: Telemedicine fraud: how are doctors affected? (2019). https://www.hchlawyers.com/blog/2019/december/telemedicine-fraud-how-are-doctors-affected-/
Dasgupta, D.A.: Machine learning in cybersecurity: a comprehensive survey J. Def. Model. Simul.: Appl. Methodol. Technol., 1–50 (2020). https://doi.org/10.1177/1548512920951275
Davis, J.: Hackers targeting healthcare with social engineering, Email Spoofing (2019). https://healthitsecurity.com/news/hackers-targeting-healthcare-with-social-engineering-email-spoofing
DHHS. DHHS table of healthcare breaches (n.d.). https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
Econsultancy. 10 examples of the Internet of Things in healthcare, 01 February 2019. https://econsultancy.com/internet-of-things-healthcare/
FBI. Billion-dollar bust, 09 April 2019. https://www.fbi.gov/news/stories/billion-dollar-medicare-fraud-bust-040919
Frumento, E.: Social engineering: an IT security problem doomed to get worse (2018). https://medium.com/our-insights/social-engineering-an-it-security-problem-doomed-to-get-worst-c9429ccf3330
Gualberto, E.D.: The answer is in the text: multi-stage methods for phishing detection based on feature engineering. IEEE Access 8, 223529–223547 (2020)
HealthLeaders. Telehealth tops the list as physician digital health adoption increases (2020). www.healthleadersmedia.com/innovation/telehealth-tops-list-physician-digital-health-adoption-increases/
HIPAA. Healthcare data breach statistics (n.d.). https://www.hipaajournal.com/healthcare-data-breach-statistics/
HIPAA. Protect healthcare data from phishing (n.d.). https://www.hipaajournal.com/protect-healthcare-data-from-phishing/
Hoeschele, M., Rogers, M.: Detecting social engineering. In: Pollitt, M., Shenoi, S. (eds.) DigitalForensics 2005. ITIFIP, vol. 194, pp. 67–77. Springer, Boston, MA (2006). https://doi.org/10.1007/0-387-31163-7_6
Johnson, C.: 3 warning signs of a telemedicine scam (2020). https://clark.com/scams-rip-offs/telemedicine-scams/
Knight, V.: Phone scammers and ‘teledoctors’ charged with preying on seniors in fraud case (2019). https://www.npr.org/sections/health-shots/2019/10/07/766517003/phone-scammers-and-teledoctors-charged-with-
Krizhevsky, A.S.: ImageNet classification with deep convolutional neural networks. In: Proceedings of the 25th International Conference on Neural Information Processing Systems, vol. 1, pp. 1097–1105 (2012)
Lansley, M., Mouton, F., Kapetanakis, S., et al.: SEADer++: social engineering attack detection in online environments using machine learning. J. Inf. Telecommun. 4, 346–362 (2020)
Lyons, K.: Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week (2020). https://www.theverge.com/2020/4/16/21223800/google-malware-phishing-covid-19-coronavirus-scam
McLeod, A.: Cyber-analytics: modeling factors associated with healthcare data breaches. Decis. Support Syst. 108, 57–68 (2018)
Pennic, J.: Telehealth and Cybersecurity: what you should know. HIT Consultant (2020). https://hitconsultant.net/2020/07/22/telehealth-cybersecurity-what-you-should-know/
Sharma, N.: Cloud based healthcare services for telemedicine practices using Internet of Things (2020). http://www.jcreview.com/fulltext/197-1597924280.pdf?1622692915
Shirer, M.: The growth in connected IoT devices is expected to generate 79.4ZB of data in 2025, according to a New IDC Forecast (2019). https://www.businesswire.com/news/home/20190618005012/en/Growth-Connected-I
Team, KernelCare. IoT devices are in desperate need of live kernel patching (2019). https://blog.kernelcare.com/iot-devices-are-in-desperate-need-of-live-kernel-patching
Tunggal, T.A.: Why is cybersecity important (2020). https://www.upguard.com/blog/cybersecurity-important
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Nguyen, C., Williams, W., Didlake, B., Mitchell, D., McGinnis, J., Dasgupta, D. (2022). Social Engineering Attacks in Healthcare Systems: A Survey. In: Choo, KK.R., Morris, T., Peterson, G., Imsand, E. (eds) National Cyber Summit (NCS) Research Track 2021. NCS 2021. Lecture Notes in Networks and Systems, vol 310. Springer, Cham. https://doi.org/10.1007/978-3-030-84614-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-84614-5_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-84613-8
Online ISBN: 978-3-030-84614-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)