Cyber Victimization in the Healthcare Industry: Analyzing Offender Motivations and Target Characteristics through Routine Activities Theory (RAT) and Cyber-Routine Activities Theory (Cyber-RAT)

Introduction

In recent decades, the healthcare industry has transitioned much of its medical information from paper to electronic formats, increasing its vulnerability to cyberattacks. As healthcare becomes more digital, attackers have seized the opportunity to exploit weaknesses in these systems. Many individuals have had their personal data stolen, and significant financial losses have resulted from these breaches. To combat these attacks, it’s crucial to secure existing vulnerabilities. However, effectively addressing these issues requires understanding the motives behind the attacks. Whether driven by financial gain, political motivations, or other factors, identifying the reasons for these breaches can help predict and prevent future incidents. Another critical step in reducing the risk of attacks is determining where the vulnerabilities lie. The article on cyber victimization in healthcare delves into the causes of these attacks, investigating attackers’ motives, pinpointing weak points, and exploring how social sciences can help predict future cyberattacks.

Research Methods

The study used a coding instrument to analyze data, focusing on several independent variables: the attacker’s motive, attack technique, whether the attack was state-sponsored, and the attacker’s country of origin. The research also examined different healthcare sectors targeted, such as high-value data, patient services, government bodies, and supply chain dependencies. Data sources included reputable sites like Databreaches.net, CSIDB.org, and the Health Insurance Portability and Accountability Act (HIPAA) Journal.(Praveen, 2024) The researchers aimed to understand how the independent variables shifted across different healthcare sectors and which sectors were most targeted by cyberattacks.

Research Results

The findings revealed that healthcare institutions, particularly those in critical care and patient services, were the most targeted, accounting for 76.1% of attacks. Other sectors, such as pharmacies (7.5%) and healthcare administration (5%), were less frequently targeted. In terms of attack methods, ransomware accounted for 40.1% of attacks, followed by account takeovers (21.5%) and phishing (18.5%).(Praveen, 2024) Financial motives were behind 60.9% of the attacks, while 35.6% of the motives remained unidentified. State-sponsored attacks were mostly unidentified (83.3%), and the country of origin was undetermined in 91.3% of cases, with Russia being the second most identified origin (7.7%).(Praveen, 2024)

Social Science

The article used routine crime theory to examine the factors contributing to healthcare cyberattacks. According to this theory, an attack requires a motivated offender, a suitable target, and a lack of capable guardians. In this case, motivated offenders were financially driven cybercriminals targeting the healthcare sector, with critical care and patient services being the primary suitable targets. The absence of capable guardians, a factor in routine crime theory, was not clearly applicable due to the lack of comprehensive data. The article did not state it outright, but the data showed favor to reinforcement sensitivity theory. Reinforcement sensitivity theory states that crime comes from motivation that basic brain stimuli respond from rewarding or punishing stimuli. Since the majority of attacks were motivated for financial gain, it shows that the individuals who were committing the crime had a high interest in the reward interest that came with it.

Conclusion

The article provided valuable insights into the patterns and causes of cyberattacks on the healthcare sector, highlighting the importance of using social sciences to better understand these incidents. Despite identifying trends and common vulnerabilities, much data remained unexplored, encouraging further research into healthcare cybersecurity and strategies for predicting future attacks.

Citation:

Praveen, Y., Kim, M., & Choi, K.-S. (2024). Bridgew. International Journal of Cybersecurity Intelligence and Cybercrime, 7(1). https://vc.bridgew.edu/cgi/viewcontent.cgi?article=1186&context=ijcic

Article Link: https://vc.bridgew.edu/cgi/viewcontent.cgi?article=1186&context=ijcic