Table 1 The German industry-specific security standard for proving the state of the art in healthcare lists these cyber threats for hospitals, among others [1]
From: Simulating the overload of medical processes due to system failures during a cyberattack
B3S: IT-Threats to hospitals | |
|---|---|
1 | General threats |
1a | E. g. Failure of basic infrastructure (Powersupply,‥) |
2 | Vulnerabitilities |
2a | E. g. Use of unsuitable IT networks, linking of services |
3 | Industry sector specific threats |
3a | E. g. Loss of confidentiality especially sensible patient data |
4 | IT-specific threats |
4a | Not availibility of relevant data |
4b | Not availibility of relevant IT-systems |
4c | Not availibility of relevant logistic chains |
4d | Manipulation of relevant data |
4e | Hacking and Manipulation core systems |
4f | Ransomware (or other malware) |
4g | DDoS attacks |
4h | Social Engineering |
4i | Advanced Persistent Threat (APT) |
4j | Identity Theft and missuse |
4k | E-Mail Account theft |