Sage Journals: Discover world-class research

Abstract

Cyberattacks that target critical national infrastructure, such as hospitals, pose a significant threat to the safety and wellbeing of individuals, as evidenced by incidents like the WannaCry worldwide ransomware attack. To better understand vulnerabilities within the healthcare sector and develop preventive measures, it is crucial to examine the evolving nature of cyberthreats and the types of attacks occurring. In this article, we describe a multimethod approach comprising social networks analysis, natural language processing, and machine learning, using data from GDELT (Global Database of Events, Language, and Tone), to identify the prevalence of attacks on hospitals while considering the type of attack and its date. Through this approach, meaningful patterns in the evolution of cyberattacks are revealed by analyzing the relationships between emerging cyberattacks mentioned in news reports. Findings show that the number of attacks from 2017 to 2023 increased substantially, with hospitals being more prone to critical attacks such as cyberterrorism/state actor-sponsored criminal activities, advanced persistent threats, and distributed denial of service. Mapping real-time data from diverse sources using a multimethod approach, such as the framework proposed in this article, can lead to better understanding of the threat landscape. This is a crucial step in determining necessary cyberdefenses and informing the development of policy interventions to ensure the cybersecurity of critical national infrastructure.

Get full access to this article

View all access options for this article.

References

National Cyber Security Centre (NCSC). NCSC Annual Review: case study: securing the UK’s critical national infrastructure. Published November 14, 2023. Accessed February 12, 2024. https://www.ncsc.gov.uk/collection/annual-review-2023/resilience/case-study-securing-cni

National Cyber Security Centre (NCSC). NCSC warns of enduring and significant threat to UK’s critical infrastructure. Published November 14, 2023. Accessed February 12, 2024. https://www.ncsc.gov.uk/news/ncsc-warns-enduring-significant-threat-to-uks-critical-infrastructure

European Union Agency for Cybersecurity (ENISA). ENISA Threat Landscape: Health Sector. Athens: ENISA; 2023. Accessed February 26, 2025. https://www.enisa.europa.eu/sites/default/files/publications/Health%20Threat%20Landscape.pdf

Jalali

, Kaiser

. Cybersecurity in hospitals: a systematic, organizational perspective. J Med Internet Res. 2018; 20(5):e10059.

Argaw

, Troncoso-Pastoriza

, Lacey

, et al. Cybersecurity of hospitals: discussing the challenges and working towards mitigating the risks. BMC Med Inform Decis Mak. 2020; 20(1):146.

Wasserman

, Wasserman

. Hospital cybersecurity risks and gaps: review (for the non-cyber professional). Front Digit Health. 2022; 4:862221.

Kruse

, Frederick

, Jacobson

, Monticone

. Cybersecurity in healthcare: a systematic review of modern threats and trends. Technol Health Care. 2017; 25(1):1-10.

British Computer Society. Biggest healthcare cyber attacks this decade. Published January 9, 2023. Accessed February 12, 2024. https://www.bcs.org/articles-opinion-and-research/biggest-healthcare-cyber-attacks-this-decade/

Eddy

, Perlroth

. Cyber attack suspected in German woman’s death. New York Times. September 18, 2020. Accessed February 24, 2025. https://www.nytimes.com/2020/09/18/world/europe/cyber-attack-germany-ransomeware-death.html

10.

Science of Security Virtual Organization. Accessed February 25, 2025. https://www.sos-vo.org/

11.

Bakdash

, Hutchinson

, Zaroukian

, et al. Malware in the future? Forecasting of analyst detection of cyber events. J Cybersecur. 2018; 4(1):tyy007.

12.

Bobowska

, Choras

, Wozniak

. Advanced analysis of data streams for critical infrastructures protection and cybersecurity. J Univers Comput Sci. 2018; 24(5):622-633.

13.

Sun

, Zhang

, Rimba

, Gao

, Zhang

, Xiang

. Data-driven cybersecurity incident prediction: a survey. IEEE Commun Surv Tutor. 2019; 21(2):1744-1772.

14.

Galla

, Burke

. Predicting social unrest using GDELT. In: Perner

, ed. Machine Learning and Data Mining in Pattern Recognition. International Conference, MDLM 2018, New York, NY, USA, July 15-19, 2018, Proceedings, Part II, . Cham, Switzerland: Springer International Publishing; 2018:103-116. Accessed February 24, 2025. https://doi.org/10.1007/978-3-319-96133-0_8

15.

Yonamine

. Predicting Future Levels of Violence in Afghanistan Districts Using GDELT. Dissertation. Pennsylvania State University; 2013. Accessed February 25, 2025. http://data.gdeltproject.org/documentation/Predicting-Future-Levels-of-Violence-in-Afghanistan-Districts-using-GDELT.pdf

16.

Jakel

. Using Sentiment Data from the Global Database of Events, Language and Tone (GDELT) to Predict Short-Term Stock Price Developments. Bachelor’s thesis. University of Twente; 2019. Accessed February 25, 2025. https://essay.utwente.nl/78614/

17.

Kwon

, Johnson

. Proactive versus reactive security investments in the healthcare sector. MIS Q. 2014; 38(2):451-472, A1-A3.

18.

Ayala

. Medical facility cyber-physical attacks. In: Ayala L. Cybersecurity for Hospitals and Healthcare Facilities: A Guide to Detection and Prevention. Berkeley, CA: Apress; 2016:39-45. Accessed February 25, 2025. https://doi.org/10.1007/978-1-4842-2155-6_4

19.

Radanliev

. Dance as a mental health therapy in the Metaverse: exploring the therapeutic potential of Dance Movement Therapy as a non-pharmacological treatment in the Metaverse. Front Comput Sci. 2024; 6:1334027.

20.

Lee

, Sokolsky

, Chen

, et al. Challenges and research directions in medical cyber–physical systems. Proc IEEE. 2012; 100(1):75-90.

21.

Coventry

, Branley

. Cybersecurity in healthcare: a narrative review of trends, threats and ways forward. Maturitas. 2018; 113:48-52.

22.

, Aliyu

, Evans

, Luo

. Health care cybersecurity challenges and solutions under the climate of COVID-19: scoping review. J Med Internet Res. 2021; 23(4):e21747.

23.

Scottish Government. Scottish Public Sector Cyber Incident Response Plan . Version v1.4. Edinburgh: Scottish Government; 2024. Accessed February 25, 2025. https://www.gov.scot/binaries/content/documents/govscot/publications/advice-and-guidance/2019/10/cyber-resilience-incident-management/documents/cyber-incident-response-toolkit-scottish-public-sector-incident-response-plan-cirp-v1-4/cyber-incident-response-toolkit-scottish-public-sector-incident-response-plan-cirp-v1-4/govscot%3Adocument/Cyber%2Bincident%2Bresponse%2Btoolkit%2B-%2BScottish%2Bpublic%2Bsector%2Bincident%2Bresponse%2Bplan%2B%2528%2BCIRP%2529%2Bv1.4.docx

24.

Argaw

, Bempong

, Eshaya-Chauvin

, Flahault

. The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review. BMC Med Inform Decis Mak. 2019; 19(1):10.

25.

van Boven

, Kusters

RWJ

, Tin

, et al. Hacking acute care: a qualitative study on the health care impacts of ransomware attacks against hospitals. Ann Emerg Med. 2024; 83(1):46-56.

26.

Neprash

, McGlave

, Rydberg

, Henning‐Smith

. What happens to rural hospitals during a ransomware attack? Evidence from Medicare data. J Rural Health. 2024; 40(4):728-737.

27.

Alhammad

, Yusof

, Jambari

. A review of cyber threats to medical devices integration with electronic medical records. Paper presented at: 2022 International Conference on Cyber Resilience (ICCR) 2022; October 6-7, 2022; Dubai, United Arab Emirates. Accessed February 25, 2025. http://dx.doi.org/10.1109/ICCR56254.2022.9995984

28.

McGlave

, Neprash

, Nikpay

. Hacked to pieces? The effects of ransomware attacks on hospitals and patients. Preprint. SSRN. Posted October 4, 2023. Accessed February 25, 2025. http://dx.doi.org/10.2139/ssrn.4579292

29.

Warminsky

. Cyberattack on Massachusetts hospital disrupted records system, emergency services. The Record. December 29, 2023. Accessed June 6, 2024. https://therecord.media/cyberattack-on-massachusetts-hospital-disrupted-health-record-system

30.

Lovell

. NHS issues urgent call for O-type blood donors following London cyber attack. Digital Health. June 10, 2024. Accessed June 20, 2024. https://www.digitalhealth.net/2024/06/nhs-issues-urgent-call-for-o-type-blood-donors-following-london-cyber-attack/

31.

Buckingham

, Brandt

, Anderson

, LF

do Amaral

, Singh

. The untapped potential of mining news media events for understanding environmental change. Curr Opin Environ Sustain. 2020; 45:92-99.

32.

Coulter

, Han

, Pan

, Zhang

, Xiang

. Data-driven cyber security in perspective-intelligent traffic analysis. IEEE Trans Cybern. 2020; 50(7):3081-3093.

33.

Pant

, Sharma

, Kundu

. An overview of stemming and lemmatization techniques. In: Kumar

, Sharma

, Chopra

, Rattan

, eds. Advances in Networks, Intelligence and Computing. London: CRC Press; 2024:308-321.

34.

Gallagher Healthcare. What are the different types of hospitals? Published March 22, 2018. Accessed February 12, 2024. https://www.gallaghermalpractice.com/blog/post/what-are-the-different-types-of-hospitals

35.

Everett

, Borgatti

. Extending centrality. In: Carrington

, Scott

, Wasserman

, eds. Models and Methods in Social Network Analysis. Cambridge University Press; 2005:57-76. Accessed February 25, 2025. https://library.uc.edu.kh/userfiles/pdf/18.Models%20and%20Methods%20in%20Social%20Network%20Analysis.pdf

36.

Ahmed

, Daclin

, Olivaux

, Dusserre

. Cybersecurity challenges for field hospitals: impacts of emergency cyber threats during emergency situations. Int J Emerg Manag. 2023; 18(3):274-292.

37.

Vanderbilt University Medical Center. Phishing attacks are targeting the health care industry; some tactics to familiarize yourself with to stay safe. VUMC News. June 5, 2024. Accessed December 18, 2024. https://news.vumc.org/2024/06/05/phishing-attacks-are-targeting-the-health-care-industry-some-tactic-to-familiarize-yourself-with/

38.

Dameff C, Tully J, Chan TC, et al. Ransomware attack associated with disruptions at adjacent emergency departments in the US. JAMA Netw Open. 2023; 6(5):e2312270.

39.

Tokat

. Cyber threats to hospitals and critical infrastructure in times of COVID-19 pandemic. Preprint. SSRN. Posted August 18, 2023. Accessed February 25, 2025. https://dx.doi.org/10.2139/ssrn.4539458

40.

Wiggen

. The impact of COVID-19 on cyber crime and state-sponsored cyber activities. Konrad Adenauer Foundation. Published June 6, 2020. Accessed February 25, 2025. https://www.kas.de/en/analysen-und-argumente/detail/-/content/die-auswirkungen-von-covid-19-auf-cyberkriminalitaet-und-staatliche-cyberaktivitaeten

41.

Wilner

, Luce

, Ouellet

, Williams

, Costa

. From public health to cyber hygiene: Cybersecurity and Canada’s healthcare sector. Int J: Canada J Glob Pol Anal. 2021; 76(4):522-543.

42.

UK Government. UK coronavirus (COVID-19) alert level increased from Level 3 to Level 4. Published December 12, 2021. Accessed February 12, 2024. https://www.gov.uk/government/news/uk-coronavirus-covid-19-alert-level-increased-from-level-3-to-level-4

43.

UK Government Cabinet Office. National Cyber Security Strategy 2022 (HTML). Updated December 15, 2022. Accessed February 12, 2024. https://www.gov.uk/government/publications/national-cyber-strategy-2022/national-cyber-security-strategy-2022

44.

Foroughi

, Ebrahimi

, Aryankhesal

, Maleki

, Yazdani

. Hospitals during economic crisis: a systematic review based on resilience system capacities framework. BMC Health Serv Res. 2022; 22(1):977.

45.

Radanliev

, De Roure

. Disease X vaccine production and supply chains: risk assessing healthcare systems operating with artificial intelligence and industry 4.0. Health Technol (Berl). 2023; 13(1):11-15.

46.

Liu

. Closing the gaps in security through AI and ML. Forbes. February 11, 2022. Accessed December 18, 2024. https://www.forbes.com/councils/forbestechcouncil/2022/02/11/closing-the-gaps-in-security-through-ai-and-ml/

Mapping the Cyberthreat Landscape in Healthcare Using GDELT: A Multimethod Approach

Abstract

Get full access to this article

References