Using attack graphs to defend healthcare systems from cyberattacks: a longitudinal empirical study

Cyber security encompasses a variety of financial, political, and social aspects with significant implications for the safety of individuals and organisations. Hospitals are among the least secure and most vulnerable organisations in terms of cybersecurity. Protecting medical records from cyberattacks is critical for protecting personal and financial records of those involved in medical institutions. Attack graphs, like in other systems, can be used to protect medical and hospital records from cyberattacks. In the current study, a total of 352 real-life cyberattacks on healthcare institutions using common vulnerability scoring system (CVSS) data were statistically examined to determine important trends and specifications in regard to those attacks. Following that, several machine learning techniques and an artificial neural network model were used to model industrial control systems (ICS) vulnerability data of those attacks. The average vulnerability score for attacks on healthcare IT systems was found to be very high. Moreover, this score was found to be higher in healthcare institutions which have experienced cyberattacks in the past and no mitigation actions were implemented. Using Python programming software, the most successful model that can be used in modelling cyberattacks on IT systems of healthcare institutions was found to be the K-nearest neighbours (KNN) algorithm. The model was then enhanced further and then it was tried to make predictions for future cyberattacks on IT systems of healthcare institutions. Results indicate that the overall score is critical indicating that medical records are, in general, at high risk and that there is a high risk of cyberattacks on medical records in healthcare institutions. It is recommended, therefore, that those institutions should take urgent precautionary measures to mitigate such a high risk of cyberattacks and to make them more secure, reliable, and robust.