**2. Cybersecurity for smart health**

## **2.1 Healthcare Cybersecurity In The Age of COVID-19**

Healthcare is one of the most vulnerable industries when it comes to cybersecurity. The healthcare system around the globe has become more susceptible to cyber attacks in the age of COVID-19. Many cyber-security organizations are reporting a rapid increase in cyber attacks since the start of the COVID-19 pandemic. The healthcare system, including nursing home, has always been one of the key target of cyberattacks. Recent string of attacks in several major hospitals and healthcare systems, have exposed the security vulnerabilities of most trusted healthcare institutions. The healthcare industries are at forefront of global efforts to fight the virus (COVID-19) during the pandemic. As such, this critical sector should be secure by cybercriminals, but that is not what has happened. The COVID-19 era is characterized by a steep rise in cyber attacks, from different perpetrators and for different motivations, and the healthcare sector has not been secure [22]. The smart health pipeline for data processing and security analytics using AI is shown in **Figure 2**.

Security and privacy in the healthcare industry are very crucial as they involve a patient's/user's personal information and private medical records. During the last few decades, the healthcare provider has increased the use of advanced technologies, like Artificial Intelligence (AI), machine learning techniques to secure patients' health profiles, storing data in the cloud, advanced medical devices, etc. These technological advancements have reduced the work of healthcare providers and have led to a paperless environment. But in return, the risk of cyber-attacks has increased. In most of the cases, there are no appropriate security systems installed to protect the hospital database, and the healthcare provider are often unaware of the cybersecurity threats lie in the shadows. Information Technology (IT) in

**Figure 2.** *Smart Health Pipeline.*

healthcare systems is vulnerable to the point that it can take even several weeks before a cyberattack is acknowledged. The healthcare providers continue working with a hacked system without having any knowledge of the attacks. This could result in spending billions of dollars and affect millions of patients each year [23].

In the last few years, the healthcare industry has been exposed to several cyberattacks. The most significant cyberattacks among them are:

#### *2.1.1 Cyberattack on UVM Health Network*

The University of Vermont (UVM) Healthcare system was shut down after identifying a cyberattack on Oct. 28, 2020. The hospital was losing about \$1.5 million per day, including lost revenue from postponed services and expenses needed to recover from the attack. The healthcare system was shut down for about 40 days including electronic health records (HER). More than 5000 computers were infected as they all were connected to the same network. In November, about three hundred employees were not able to work during this outage. UVM Medical Center President and COO Stephen Leffler, MD, said the health system expects the entire incident will cost more than \$63 million by the time it resolves [24].

#### *2.1.2 Ryuk and NHSD ransomware attack*

On Oct. 26, 2020, an adversary attack (Ryuk ransomware) affected the network systems of six hospital systems from New York to California over 24 hours. A few hospitals self-reported IT outages due to ransomware during that time. The attackers have demanded more than \$1 million from unknown hospitals. According to the New York Times, the hackers are known to set the ransom at 10% of the organization's annual income. The federal government wants the hospital systems and healthcare providers to boost protection networks, ensure all the software updates are made, back up data, monitor access to their systems closely. Ryuk has been deployed as a payload from banking. Ryuk was first introduced in August 2018 as a derivative of Hermes 2.1 ransomware. One of the key reasons the attackers target healthcare organizations to get the monetary benefits in terms of ransom. In May 2017, National Health Services (NHS) in the UK were one of the victims of the ransomware attack. Almost 200,000 computers at 16 healthcare facilities affected by the WannaCry attack at that time. Thousands of patients were suffered from the outcomes of the attack as it stop down the many vital medical equipments [25].

#### *2.1.3 Nebraska medicine in Omaha attack*

In September 2020, Nebraska Medicine first reported the outage, and the health system anticipates its computer network will remain down. The adversary incident affected the Nebraska Medicine IT system and required many patient's appointments to be postponed or rescheduled. The attack also affected the EHRs and computer systems for several other Regional Health Services because Nebraska Medicine powers their EHRs. Also, from Feb. to May 2020, there are more than 46 hospitals and health systems that had patient information exposed in a security hole at Blackbaud, a company that stores donor information for organizations, including health systems [26].

#### *2.1.4 DDoS attack at Boston's Children Hospital*

Distributed Denial of Service (DDoS) occurs when the network is overloaded and it starts denial of availability to its recipients. There are a few times the DDoS *Smart Health and Cybersecurity in the Era of Artificial Intelligence DOI: http://dx.doi.org/10.5772/intechopen.97196*

attack happens unintentionally. But most of the time the cybercriminals created DDoS attack to get access the critical data, including the financial information of an organization. The healthcare system is one of the main targets for the hackers. In 2014, one of the most remarkable DDoS attacks targeted Boston's Children Hospital. The hospital system was attacked by DDoS when dealing with the case of parental withdrawal of a 14-year-old girl. The hospital had an about \$300,000 loss to overcome the damage caused by the DDoS cyberattack [27].
