EXPLORING THE IMPACT OF CYBERSECURITY ON SMART ASSISTIVE TECHNOLOGY

  

 

 

CIS 560

Network and Security Protocols

2023 Fall

          Final Research Project 

 

TITLE: Exploring the Impact of Cybersecurity on Smart Assistive Technology

                       

 

                                    BY

 

 

 

 

MATTHIAS OKENWA

DEPARTMENT OF INFORMATION TECHNOLOGY

MINNESOTA STATE UNIVERSITY MANKATO

 

                        PRESENTED TO

PROF. RITTENHOUSE RUSSEL

 

 

 

 

                                                           

                                                                                                                        November 30, 2023

TABLE OF CONTENTS

i.               Abstract

ii.              Introduction

·       Background of the study

·       Purpose and significance of the study

iii.            Literature review

·       The current state of Smart Assistive Technology

·       The importance of cybersecurity

iv.            Methodology

·       Research methods and data collection

·       Ethical considerations

v.              cybersecurity challenges in smart assistive technology

·       Data security and privacy

·       Authentication and Access Control

·       Vulnerability in smart Devices

vi.            Ethical Implications

·       Privacy and autonomy

·       Informed consent

·       Vulnerable populations

vii.           Mitigation Strategies

·       Best Practices for improving cybersecurity.

·       Future development and innovation

viii.         Conclusion

·       Key findings

·       Recommendations for a secure and ethical future

ix.            Reference

 

 

 

 

 

 

 

ABSTRACT

The new era of Digital technology provides unique opportunities to revolutionize the healthcare ecosystem and health research. And this has ushered in serious security, safety, and privacy threats. The health industry is also believed to be unequipped and unready to face cyberattacks, while its vulnerabilities are being systematically exploited by attackers. The high demand needs and use of SAT devices, the complexity of operations, and the incompatible systems are leaving healthcare organizations exposed to various malware, including ransomware, which results in compromised healthcare access, quality, safety, and care. Perhaps to benefit from the merit of technology in the healthcare sector, cybersecurity issues need to be resolved. Secured Cyber measures are being suggested via several healthcare standards which are often contradictory and confusing, making these measures ineffective and difficult to implement. To place a solid foundation for the health industry sector, in improving the understanding of complex cybersecurity issues, this paper will explore the existing vulnerabilities in the healthcare critical information infrastructures that are used in cyberattacks and discuss the Strategies to mitigate the attacks and ensure the safety of persons with disabilities that makes use of the devices.

 

 

 

 

 

 

 

 

INTRODUCTION

Background of the study

The rapid integration of smart assistive devices into the overall aspects of human life is amazing. This no doubt has significantly improved the standard of living for everyone, especially individuals living with disabilities. These devices range from Smart prosthetics, hearing aids devices, wearable health monitors, and voice recognition home automation systems, which leverage cutting-edge technology aimed at providing support for independent living. However, as these devices increase in demand and usage, so does the potential vulnerability to cybersecurity attacks, posing greater risks to safety, privacy, and functionality to the end users. 

Part of the challenge lies in the lack of comprehensive research and understanding of specific security challenges smart assistive devices face. As this device offers remarkable benefits to the users especially individuals living with disabilities their interconnected nature, reliance on the data network and integration with other external network systems make them susceptible to a series of cyber-attacks including unauthorized access data breaches and malicious activities. The consequences of this malicious activity range from invasion of users' privacy to compromised functionality, which to a large extent impact the well-being and freedom of the users.

To address this issue, it is important to conduct extensive research on the impact of cybersecurity on smart medical devices. This study will involve an in-depth study of the existing security architecture to identify the vulnerability and development of effective strategies to mitigate the risks. The understanding of the unique problems posed as a result of the intersection of assistive technology and cybersecurity is crucial to ensure the continued advancement and safe adoption of smart assistive devices in various domains including healthcare, accessibility, and independent living.

Purpose and significance of the study

The purpose of this study on the impact of cybersecurity on Smart assistive technology is to critically assess and understand the emerging potential vulnerabilities, threats, and overall impacts of cybersecurity challenges on the functionalities, reliability, and safety of smart assistive technologies. As these smart assistive technologies have become increasingly integrated into most aspects of human lives particularly healthcare, accessibility, and home automation, making them cyber-secured is very important. So, this study will identify vulnerabilities, assess the threat to the landscape, evaluate its impact on the users, and perhaps propose mitigation techniques. However, the significance of the study will be to enhance the user's confidence, encourage industry best practices, and promote further research development.

 

LITERATURE REVIEW

The current state of smart assistive technology

Smart Assistive technology (SAT), which comprises wheelchairs, hearing aids, adaptive vehicles, mobility canes, eyeglasses, and hearing loops enables people to maintain self-independence and enhance good quality of life, However, among individuals living with disabilities who need SAT globally, 90% do not have access (according to the World Health Organization report, 2018). one essential duty of healthcare practitioners, which comprises medical doctors Rehabilitation specialists, occupational therapists, audiologists, and prosthetist designers, is to help select and adapt a Smart assistive product for individuals with special needs abilities and ensure the user is fully trained on how to use them.

Apparently, knowing the products that exist could serve their needs is of great importance. However, the global SAT market is diverse and continuously driven by new innovations. This innovation has also come with lots of security threats and privacy issues like cyberattacks on the devices. Cyberattacks are breaches of data information when information is hacked, stolen, corrupted, or passed to unauthorized recipients. Cyberattacks are occurring worldwide, because of weak data security strategies and vulnerabilities in several healthcare organizations. (Kitty K. Theo F. and Haralambos M., 2021) Even in advanced countries with good healthcare systems, the issue of security for SAT is often ignored. A report shows that 94% of healthcare organizations have experienced a cyberattack in one of the above-mentioned from 2009 to 2014 an estimated 150 million Electronic Health Records (EHR) information have been breached because of theft, loss, or breach of SAT devices. (Kitty K. Theo F. and Haralambos M., 2021). Which constitutes a financial loss to both the individual and the government. The integration of the devices into the existing Internet of Things IoT is a tremendous breakthrough in technology, even though it comes with more challenges for people living with disabilities and healthcare professionals when safety is compromised. The figure shows that it poses a great deal of danger for direct users because privacy trust is the cornerstone of security.

These barriers contribute to high abandonment rates of about 75% for hearing aids (Scherer, 1996) and more widely 35% of products are accepted to be abandoned by users (Dawe, 2006) because the product does not meet security needs. (McCormack and Fortnum, 2013; Phillips and Zhao, 2010). The paper contributes a new dimension to a secured Smart assistive technology SAT discourse. Explore the financial impact of the threats, specifically looking into how to better mitigate the challenge of security for the rapidly developing SAT for the people who depend on assistive devices to live free and independent lives.

Historically, the government may not have invested in the secured SAT sector because most are without coherent and cohesive local data and robust analysis approaches to make decisions on the efficient security of assistive products and services. One of the reports by the FBI indicated that even when cybercrimes are reported to the law enforcement agency and the police, they lack a central repository for cybercrime data. These constraints mean that federal law enforcement lacks a comprehensive picture of the amount and types of cybercrime carried out using the internet. This challenge makes it difficult for law enforcement to know how much and where to target resources to combat it., (FBI report.,2022). For designers and producers, a lack of SAT demand information limits market entry options, particularly in under-developed countries where SAT provision is often more limited and unmet needs more prevalent. Consequently, this lack of presence prevents SAT producers from developing a stronger understanding of security.

Despite the increasing number of cyberattacks on Smart Assistive Technology SAT, research is still in the infancy stages and there are crucial gaps in the literature that need to be filled. This paper discusses in detail the cybersecurity vulnerabilities and challenges within smart assistive technology utilization and financial impact. Aiming to encourage awareness and more research on the topic. This paper also delves into existing cybersecurity standards in healthcare and offers recommendations to optimize the implementation approaches of the existing standards. Finally, it identifies directions for further research on healthcare cybersecurity including the use of innovative and evidence-based methods, like the living labs.

The importance of cybersecurity

The importance of addressing vulnerabilities and challenges in healthcare cybersecurity cannot be overstated. With the increasing reliance on digital systems and the sensitive information they contain, healthcare organizations are at risk of cyber-attacks and breaches. Insider threats and employee negligence pose a significant vulnerability, as does the use of outdated or unpatched software systems. Weak authentication and password practices further contribute to the risk landscape. As seen today, Cybersecurity is of great importance in today's digital world due to the interconnectivity of technology. The main reasons why the digital world needs to be secured are the following: (a) To protect sensitive healthcare information: medical institutions like hospitals store online personal details, financial data, and intellectual property. So, Cybersecurity measures help safeguard this information from unauthorized access by internet hackers. (b) To prevent people from losing their finances: the tendency of individuals, businesses, and government agencies to lose finances can be avoided with a secure system. Cybersecurity measures help mitigate the risk of financial fraud, ransomware attacks, and other forms of cybercrime that can lead to serious monetary damages to the organization. (c) To keep the privacy of Assistive Technology users safe: In today's digital world, the privacy of medical device users is at serious risk with a high chance of theft and unauthorized surveillance by hackers. So, Cybersecurity measures help individuals maintain control over their private information and protect them from unauthorized access. (d) To preserve the trust of the organization: Trust is the main cornerstone of cybersecurity in the digital world. Cybersecurity can help to build and maintain trust among individuals, businesses, and governments by ensuring that every medical and healthcare information that involves online transactions is safe and secure.

By 2023 Cisco reported that networked devices on the earth will be tripled, so 1trillion networked devices will be embedded in the world around us with up to 45 trillion in 20 years. It is evident that cyberattacks have seen an increase of 125% in the healthcare ecosystems within the last 5 years., (Kitty K. Theo F. and Haralambos M., 2021). Publicly known ransomware cases had their peak in 2017, and this is ongoing: a hospital in Los Angeles, USA was attacked by a hacker who seized control of the systems and the hospital paid a ransom of $17,000; WannaCry in the UK which targeted computers and encrypted data to further demand ransom payments in Bitcoin and Non-Petya which targeted laptops, window’s servers and PC’s seems to have spread like a virus in many infrastructure.

METHODOLOGY

Research methods and data collection

The research method to be adopted for the study is a Survey. However, to develop and distribute survey questionnaires to a sample of assistive technology users, caregivers, and healthcare professionals. And gather quantitative data on the prevalence of cybersecurity awareness, and experiences with security incidents and look at the perceptions of the impact of cybersecurity on assistive devices.

Another method to be adopted is the in-depth interview approach. The research will conduct semi-structured interviews to ascertain expert opinions on assistive technology and individuals with disabilities who use assistive devices. And perhaps explore their perspectives on the current state of cybersecurity in assistive devices to gather insights into potential risks.

Ethical considerations

Ethical considerations play a crucial role in the development and implementation of smart assistive technology. One of the primary concerns is privacy and data security, as these technologies often collect and analyze sensitive personal information. Ensuring the confidentiality and proper use of this data is essential to maintain trust between users and developers. Another ethical consideration is the potential for algorithmic bias, where the technology may discriminate against certain individuals or groups. This bias can result in unequal access to assistive technology and reinforce societal inequalities. Additionally, there is a need to address the ethical implications of integrating artificial intelligence into assistive devices, such as issues related to autonomy and decision-making. Lastly, the equitable distribution and affordability of smart assistive technology should be considered to ensure that access is not limited to only those who can afford it. Addressing these ethical considerations is vital for the responsible development and use of smart assistive technology.

CYBERSECURITY CHALLENGES IN SMART ASSISTIVE TECHNOLOGY

Data security and privacy

            Data security and privacy are critical components of cybersecurity geared toward the protection of sensitive information from unauthorized access, disclosure, alteration, and destruction. As our reliance on digital technologies continues to grow, the importance of safeguarding data has become imperative. Again, data security involves implementing techniques to ensure the integrity and availability of data. This includes safeguarding information from both internal and external threats. Encryption is a fundamental aspect of data security, where data is encoded to make it unreadable without the appropriate decryption key. Access controls, firewalls, and secure authentication mechanisms are crucial in preventing unauthorized access to people's information.

Authentication and access control

Authentication is the process of verifying the identity of a user of the system, or entity attempting to access a computer system or network. The various types of access controls are password authentication: Here the users provide a unique password of username and password. Multi-factor authentication: this requires the user to provide multiple forms of identification, such as passwords, security tokens, or biometrics. Biometric authentication: this requires a biological feature like a face scan, fingerprints, retina scan, or facial recognition to identify the user. Token authentication: This technique involves the use of physical or virtual access, often in combination with a password. Lastly, certificate authentication, this method requires digital certificates to validate the identity of users.

Vulnerability in smart devices

The major vulnerability experienced on SAT is the insecure communication protocols. The SAT devices of ten rely on wireless communication for data exchange, however, the vulnerabilities in the network communication protocols could be exploited by malicious persons to intercept or manipulate data, which can potentially lead to unauthorized control or monitoring of the device. Another factor is the issue of lack of software security updates as seen in the phones. Some SAT devices may not receive regular security updates or patches, which makes them susceptible to emerging threats. Outdated software can be a target for hackers to exploit to compromise the functionality of the device.

ETHICAL IMPLICATIONS

Privacy and autonomy

In conducting this study, the privacy and confidentiality of all the participants were kept anonymous. This involves making sure sensitive information like date of birth, names, and SSN of the participants are kept hidden from the public.

Informed consent

Before proceeding with the research, the participants were informed about the aim of the research and their free will to either accept or decline to participate. They should be willing to take part in the study voluntarily without being forced. Research participants were also informed of the purpose, risks, and benefits of participating in the study.

 

The Vulnerable populations

There existed a community often overlooked and underestimated—the Vulnerable Populations. This diverse group comprised individuals with various disabilities, each navigating the challenges of daily life in their own unique way. However, it’s important to note that advancements in technology have continually contributed to the development of new and improved assistive devices, like wheelchairs, Canes, Crutches, Walker, Mobility scooters, Screen readers for computers and smartphones, Braile, and Magnifiers, offering greater independence and improved quality of life for individuals with disabilities. Additionally, the appropriateness of a particular assistive device depends on the individual's specific needs and abilities.

MITIGATION STRATEGIES

Best practices for improving Cybersecurity.

Improving cybersecurity involves a combination of technical measures, policies, and user awareness. Other key strategies to enhance the cybersecurity of SAT are as follows:

(a)   Risks Assessment: Identify potential risks and vulnerabilities and conduct risk assessments to stay informed of emerging security risks.

(b)  Education and training: IT specialists working with cybersecurity need to practice best practices and ensure data protection. They should also conduct regular training.

(c)   Access Control: adopting the principles of restrictive access rights for the users and adopting regular review of user’s permissions based on job duties and responsibilities.

(d)  Adopting Multi-factor Authentication (MFA): Using MFA for sensitive information helps to add an extra layer of security that requires users to provide multiple forms of identification.

(e)   Constant software update: making sure all operating systems' antivirus programs and applications are updated regularly.

Future development and innovation

The general trends and potential future developments in smart assistive devices are crucial to understanding how persons with disabilities can be assisted to live independent lives. The field of technology is rapidly evolving, and there have been further advancements. Here are some areas of innovation to watch for in smart assistive devices:

(a)   Artificial intelligence AI and machine learning: The integrated Al algorithms can help enhance the adaptability and personalization of assistive devices. These technologies can learn from user behavior, anticipate needs, and provide more intelligent and context-aware assistance.

(b)  The Internet of Things: integration of IoT technology allows devices to communicate with each other and with centralized systems. This connectivity can enhance the functionality of assistive devices, such as remote monitoring and control, as well as real-time data analysis.

(c)   Robotics: Developments in robotics can lead to more sophisticated and capable assistive devices, such as robotic exoskeletons for mobility support or robotic prosthetics with improved dexterity and natural movement.

(d)  Brain-computer interface: Direct communication between the brain and devices is an exciting area of research. BCIs could enable individuals with severe disabilities to control devices or even prosthetics using their thoughts.

CONCLUSIONS

Key findings

The impact of cybersecurity on smart assistive technology is a multifaceted issue that touches upon technology, ethics, and policy. The research paper aims to provide a comprehensive understanding of this topic by examining current challenges, ethical issues, and policy considerations. Through a multidisciplinary approach, we seek to offer insight and recommendations to ensure that the integration of smart assistive technology SAT into the lives of vulnerable populations is secure, respectful of privacy, and conducive to enhancing the well-being of users. As technology continues to advance, addressing these challenges is crucial for a more inclusive and secure future.

Recommendations for a secure and ethical future

These are the recommendations that will help build a secured SAT that helps vulnerable persons:

i.               Regular software updates and management: this involves keeping all the software and systems always updated to address vulnerabilities.

ii.              Reliable authentication Mechanisms: the implementation of multi-factor authentication (MFA), which adds extra layers to the SAT will help reduce the problems of cybercrime.

iii.            Encryption of data: Encrypting sensitive data in all SAT devices will help to protect unidentified people from having unauthorized access.

iv.            Regular security audits and testing: Conducting regular security audits on SAT will help stop any unwanted person from gaining access to the system.

v.              Using Cloud security: the use of cloud services to implement strong security measures and configurations to protect sensitive data in the cloud.

 

 

 

 

 

 

 

 

REFERENCE

WREH. (2023). Cybersecurity in medical devices. In Medical Device Regulation:

FDA-CDRH Manufacturing, Policies and Regulation Handbook / (pp. 345–368). Academic Press. https://doi.org/10.1016/B978-0-323-95354-2.00014-1

Holdsworth, J., Glisson, W. B., & Choo, K. R. (2019). Medical device vulnerability mitigation

effort gap analysis taxonomy. Smart Health, 12, 82-98. https://doi.org/10.1016/j.smhl.2017.12.001.

Thomasian, N. M., & Adashi, E. Y. (2021). Cybersecurity in the Internet of Medical Things.

Health Policy and Technology, 10(3), 100549. https://doi.org/10.1016/j.hlpt.2021.100549.

Kitty, K., Theo, F., and Haralambos, M., (2021). The landscape of cybersecurity

vulnerabilities and challenges in healthcare: Security standards and paradigm shift recommendations. In Proceedings of the 16th International Conference on Availability, Reliability and Security (ARES '21). Association for Computing Machinery, New York, NY, USA, Article 136, 1–9. https://doi-org.ezproxy.mnsu.edu/10.1145/3465481.3470033

Hadian, M., Altuwaiyan, T., Liang, X., & Li, W. (2019). Privacy-preserving voice-based

search over mHealth data. Smart Health, 12, 24-34. https://doi.org/10.1016/j.smhl.2018.04.001

Sublett, C., & Marsh, W. “. (2020). Cybersecurity of digital diabetes devices. Diabetes

Digital Health, 271-283. https://doi.org/10.1016/B978-0-12-817485-2.00020-1

Irina, B., and Mkwashi, A., (2023). Risk Assessment and Classification of Medical

Device Software for the Internet of Medical Things: Challenges arising from connected, intelligent medical devices. In Proceedings of the 12th International Conference on the Internet of things (iot 22). Association for Computing Machinery, New York, NY, USA, 171-178. https://doi.org.ezproxy.edu/10.1145/3567445.3571104

Comments

Post a Comment

Popular posts from this blog

Demand of High-Speed Application

  Demands for High-Speed Applications   Introduction High-speed applications refer to software, systems, or devices that require rapid data processing and transfer to meet specific performance objectives. High-speed applications have become an integral part of modern technology, impacting various sectors such as telecommunications, transportation, healthcare, and manufacturing. These applications demand rapid data processing, low latency, and robust network infrastructure to function effectively and enhance user experiences. Examples of high-speed applications include 5G communication networks, autonomous vehicles, online gaming, medical imaging, and high-frequency trading in financial markets. Aim: This research paper explores the key demands and challenges associated with high-speed applications, the technologies that enable them, and potential future trends in this field. Demand for high-speed applications is being driven by various factors across different indus...
Read more