TY - JOUR
T1 - Safeguarding the healthcare sector from ransomware attacks
T2 - Insights from a literature review
AU - Shahzadi, Amna
AU - Ishaq, Kashif
AU - Dogar, Abdul Basit
AU - Khan, Javed Ali
AU - Mylonas, Alexios
AU - Nawaz, Naeem A.
AU - Yasin, Affan
AU - Khan, Fawad Ali
N1 - Publisher Copyright:
© Copyright 2025 Shahzadi et al. Distributed under Creative Commons CC-BY 4.0
PY - 2025
Y1 - 2025
N2 - Cybersecurity integrates a broad spectrum of concerns, addressing numerous cyber threats and malicious factors that pose significant risks to the system’s integrity and functionality. Among these threats, ransomware presents a significant challenge. Often executed through phishing emails, ransomware attacks result in compromised data encrypting, with attackers demanding considerable ransoms for decryption. While these attacks target various sectors, including business, academia, and banking, the healthcare industry is particularly vulnerable due to its possession of sensitive data, the disclosure of which could lead to severe repercussions. This article provides a thorough literature review (LR) of ransomware attacks in the healthcare setup, encompassing studies from 2016 to 2024 and including an analysis of 60 articles. It addresses several critical research questions related to the topic. It also investigates the variants of ransomware targeting the healthcare sector, their propagation methods, and data encryption techniques. This article also examines the impacts of ransomware attacks on healthcare organizations, concentrating on financial losses, patient care disruptions, and data breach issues. Moreover, it examines various strategies and best practices that healthcare organizations have adopted to prevent, detect, and respond to ransomware attacks. This study analyzes ransomware attacks’ legal and regulatory implications, focusing on patient data protection and compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other relevant regulations. It also evaluates the effectiveness of existing cybersecurity frameworks and guidelines, like the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the Health Information Trust Alliance Common Security Framework (HITRUST CSF), in aiding healthcare organizations to guard against ransomware attacks. Lastly, this article develops a taxonomy to explain the novelty and contributions of this research within the context of ransomware attacks in the healthcare sector.
AB - Cybersecurity integrates a broad spectrum of concerns, addressing numerous cyber threats and malicious factors that pose significant risks to the system’s integrity and functionality. Among these threats, ransomware presents a significant challenge. Often executed through phishing emails, ransomware attacks result in compromised data encrypting, with attackers demanding considerable ransoms for decryption. While these attacks target various sectors, including business, academia, and banking, the healthcare industry is particularly vulnerable due to its possession of sensitive data, the disclosure of which could lead to severe repercussions. This article provides a thorough literature review (LR) of ransomware attacks in the healthcare setup, encompassing studies from 2016 to 2024 and including an analysis of 60 articles. It addresses several critical research questions related to the topic. It also investigates the variants of ransomware targeting the healthcare sector, their propagation methods, and data encryption techniques. This article also examines the impacts of ransomware attacks on healthcare organizations, concentrating on financial losses, patient care disruptions, and data breach issues. Moreover, it examines various strategies and best practices that healthcare organizations have adopted to prevent, detect, and respond to ransomware attacks. This study analyzes ransomware attacks’ legal and regulatory implications, focusing on patient data protection and compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other relevant regulations. It also evaluates the effectiveness of existing cybersecurity frameworks and guidelines, like the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the Health Information Trust Alliance Common Security Framework (HITRUST CSF), in aiding healthcare organizations to guard against ransomware attacks. Lastly, this article develops a taxonomy to explain the novelty and contributions of this research within the context of ransomware attacks in the healthcare sector.
KW - Computer Education
KW - Computer Networks and Communications
KW - Cyber security framework
KW - Cyber threat
KW - Data encryption
KW - Human-Computer Interaction
KW - Malicious entities
KW - Phishing attack
KW - Ransomware attack
KW - Regulatory compliance
KW - Security and Privacy
KW - Social Computing
UR - https://www.scopus.com/pages/publications/105022183696
U2 - 10.7717/peerj-cs.3073
DO - 10.7717/peerj-cs.3073
M3 - Article
AN - SCOPUS:105022183696
SN - 2376-5992
VL - 11
JO - PeerJ Computer Science
JF - PeerJ Computer Science
M1 - e3073
ER -