Abstract
Cyberattacks target organisations and cause property loss, disruption of operation, and for healthcare facilities, even loss of life. With the advent of the internet of things (IoT) devices, the attack surface has extended significantly. Organisations need a cyber threat modelling approach to assess their network from the attackers’ perspective to safeguard their assets better. In this study, a framework was developed to compare cyber threat modelling of various IoT networks by focusing on the capabilities of the threat actors in the light of various factors, such as accessibility, stealth, technical ability, and time. The developed framework is applied to two different networks: SCADA and healthcare IoT infrastructure for demonstration. The results suggest that it is possible to cause a physical impact in IoT-based healthcare systems by using less sophisticated cyberattacks.
Original language | English (US) |
---|---|
Pages (from-to) | 405-431 |
Number of pages | 27 |
Journal | International Journal of Critical Infrastructures |
Volume | 19 |
Issue number | 5 |
DOIs | |
State | Published - 2023 |
Externally published | Yes |
Keywords
- attack sophistication
- attack trees
- cyberattack
- healthcare
- internet of things
- IoT
- SCADA
- threat modelling
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- General Environmental Science
- General Energy