ABSTRACT

Hospitals are incorporating Medical Cyber-Physical Systems (MCPSs), which combine the physical world, in which interoperable medical devices monitor a patient, with the cyber world, where algorithms process and analyze the data acquired by those devices to improve patient care. Despite the benefits, MCPSs also open the door to new cybersecurity problems affecting the physical integrity of people and the confidentiality, integrity, and availability of their sensitive data. One of the most important problems in these interoperable clinical systems is ransomware. In 2018, a Verizon data breach report stated that ransomware represents 85% of all malware in health care, and that data disclosure was confirmed in more than 70% of attacks. To improve this situation, we have designed, implemented, and validated a solution that protects the security of MCPS scenarios. The proposed solution relies on network management rules that detect the ransomware diffusion phase in real time, and on virtualization techniques to mitigate the attacks. To validate the proposed solution, we have deployed a proof of concept to detect and mitigate WannaCry and Petya ransomware. Finally, the performance of the solution has been measured through several experiments that demonstrate its viability.