Journal:Emerging cybersecurity threats in radiation oncology - Revision history

Shawndouglas: /* Discussion */

2022-02-22T19:48:29Z

Discussion

← Older revision		Revision as of 19:48, 22 February 2022
Line 85:		Line 85:

	A non-exhaustive list of recommendations towards improved preparedness are made below.		A non-exhaustive list of recommendations towards improved preparedness are made below.


	:'''1.''' Require multifactor authentication for all identities and send alerts upon unusual behavior.		:'''1.''' Require multifactor authentication for all identities and send alerts upon unusual behavior.

Shawndouglas: Finished adding rest of content.

2022-02-22T19:48:06Z

Finished adding rest of content.

Show changes

Shawndouglas: Saving and adding more.

2022-02-22T19:09:13Z

Saving and adding more.

Shawndouglas: Saving and adding more.

2022-02-22T18:43:59Z

Saving and adding more.

Show changes

Shawndouglas: Saving and adding more.

2022-02-22T17:51:24Z

Saving and adding more.

← Older revision		Revision as of 17:51, 22 February 2022
Line 37:		Line 37:

	==Introduction==		==Introduction==
			Modern image-guided radiation therapy is dependent on information technology and data storage applications that, like any other digital technology, are at risk from cyberattacks. In the fourth quarter of last year, America's healthcare institutions were subjected to a series of coordinated attempts to breach their [[cybersecurity]] defenses with criminal intent. Unfortunately, in some cases, these attempts were successful, resulting in a detriment to patient care. According to ''Cybercrime Magazine'', global cybercrime damage in 2021 amounts to $16.4 billion a day, $684.9 million an hour, $11 million per minute, and $190,000 per second. [1] The World Economic Forum estimated that the likelihood of detecting and prosecuting perpetrators of cyberattacks in the United States is at a dismal 0.05%. [1]

			In the fall of 2020, the U.S. federal government issued a joint advisory warning that the Cybersecurity and Infrastructure Safety Agency (CISA), Federal Bureau of Investigation (FBI), and Department of Health and Human Services (HHS) had credible information of an increased and imminent cybercrime threat to U.S. [[hospital]]s and healthcare providers. [2] More recently, the Director of the FBI compared the increase in ransomware attacks on U.S. infrastructure to the threat of the September 11 terrorist attacks. [3] In New Zealand, ransomware incidents have been recently labeled as having worse impacts on cancer patients than [[coronavirus disease 2019]] (COVID-19). [4]

			As the worst disruptions of the COVID-19 [[pandemic]] have passed (at least in some regions), the next pervasive disruptive threat to our medical profession appears to be cybersecurity risks. In light of this development, the American Society for Radiation Oncology's ''Advances in Radiation Oncology'' is inaugurating a special manuscript category devoted to cybersecurity issues.

			==Emerging cybersecurity threats in 2021==
			A study in 2014 showed that 94% of healthcare institutions have been victims of cyberattacks. [5] Based on a Medical Information Technology Advisors Threat Information Platform analysis [6] of incidents related to the Asian-Pacific, United States, and European Union, as well as various other threat intelligence agencies reports [7], the number of compromised business e-mail accounts and ransomware incidents from phishing or dark web-compromised credentials are growing and quickly becoming the number one risk for healthcare organizations. Recent years have seen an increase in phishing occurrences from “trusted” organizations or services that are being abused. Phishing e-mails will often dangle a financial reward or something too good to be true with urgency or a strict deadline to perform an action. Other attempts could be a promise to show something exciting or forbidden or threating with negative consequences or punishment. The phishing e-mail will often have an unexpected attachment, spoofed website, or link to update your password. ("Call the sender to verify whether the e-mail is legitimate" is often best before taking any action.)

			The United States has seen an increase in ransomware, especially from ransomware as a service groups using double and even triple extortion tactics. Data are [[Encryption\|encrypted]] and exfiltrated from the attacked healthcare organization, and then the attackers threaten to publish the data, directly extort patients, or threaten a distributed denial of service (DDoS) attack. [8] In fact, the HHS' Health Sector Cybersecurity Coordination Center (HC3) has found that 60% of global cybersecurity incidents during the first half of 2021 targeting healthcare providers affected the U.S. health sector. [9] Ransomware incidents are becoming linked to data breaches because in at least 72% of ransomware incidents, victim data were leaked. [10]

			In an analysis of 5,275 reported cybersecurity breaches last year, the number one method used was social engineering, with 85% of breaches involving a human element in a targeted organization. The threat to healthcare organizations in recent years has shifted from malicious internal actors to external organizations. Personal data, rather than medical data, is the most commonly stolen information in a security breach, with financial motivation behind 91% of attacks. [11]

			Usual scam tactics, including fear-based themes, prove to be successful, with only a few changes in frequency and some techniques abusing legitimate services to bypass protections. Themes on COVID-19, the work-from-home initiative, registration renewals, secure document exchanges, and even local festivals are used to trick victims into allowing these attacks. Some of the COVID-19 themes used in e-crime phishing schemes during the pandemic include [12]:

			* exploitation of individuals looking for details on disease tracking, testing, and treatment;
			* impersonation of medical bodies, including the World Health Organization (WHO) and U.S. Centers for Disease Control and Prevention (CDC);
			* financial assistance and government stimulus packages;
			* tailored attacks against employees working from home;
			* scams offering personal protective equipment; and
			* passing mention of COVID-19 within previously used phishing lure content (e.g., deliveries, invoices, and purchase orders).

			The existing disruptions in healthcare globally presented new vulnerabilities for cybercrime. [13] Some cybercrime organizations announced their intention to not intentionally impact healthcare organizations during the pandemic, although how well they adhered to those pledges is unclear. Other organizations, such as Wizard Spider, intentionally targeted healthcare organizations at the end of October of 2020 at a time of increased medical facility utilization, when hospitals and clinics were under increasing pressure from the start of the influenza season and the pandemic fall surge. These actions mirrored a similar approach used against other industries, one of deliberately targeting organizations during times of institutional stress, such as what occurred with educational institutions at the start of the 2019 school year. [12]

			Malicious actors have made phishing and malware smarter using new techniques to bypass sandbox detonations (i.e., artificial network environments designed to trigger malware in a closed network), and are increasingly using “trusted” compromised accounts and services to launch their attacks. Third-party supply chain risks and the [[internet of things]] (IoT) environment makes threat management complex and increases the attack surface. The World Economic Forum estimated that attacks on IoT devices soared by 300% in 2019. The increase in the number of individuals now working from home has added additional risks and increased the complexity in combating attacks. Healthcare organizations are typically attacked by well-organized crime organizations and state-sponsored actors. The predicted cost of ransomware damage in 2021 ($20 billion) is 57 times more than the cost in 2015. [1]

			Finally, the lack of correlation, collaboration, and communication between service providers and their information technology partners increases the ease with which attackers can affect a wide range of targets. Organizations face at least 10 major cybersecurity risks today, including [14]:

Shawndouglas: Created stub. Saving and adding more.

2022-02-22T17:23:46Z

Created stub. Saving and adding more.

New page

{{Infobox journal article
|name =
|image =
|alt = 
|caption =
|title_full = Emerging cybersecurity threats in radiation oncology
|journal = ''Advances in Radiation Oncology''
|authors = Joyce, Christine; Roman, Faustin L.; Miller, Brett; Jeffries, John; Miller, Robert C.
|affiliations = The University of Tennessee Health Science Center, Medical IT Advisors, University of Tennessee Medical Center
|contact = Email: rcmiller at utmck dot edu
|editors =
|pub_year = 2021
|vol_iss = '''6'''(6)
|at = 100796
|doi = [http://dx.doi.org/10.1016/j.adro.2021.100796 10.1016/j.adro.2021.100796]
|issn = 2452-1094
|license = [https://creativecommons.org/licenses/by-nc-nd/4.0/ Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International]
|website = [https://www.sciencedirect.com/science/article/pii/S2452109421001548 https://www.sciencedirect.com/science/article/pii/S2452109421001548]
|download = [https://www.sciencedirect.com/science/article/pii/S2452109421001548/pdfft https://www.sciencedirect.com/science/article/pii/S2452109421001548/pdfft] (PDF)
}}
{{ombox
| type = notice
| image = [[Image:Emblem-important-yellow.svg|40px]]
| style = width: 500px;
| text = This article should be considered a work in progress and incomplete. Consider this article incomplete until this notice is removed.
}}
==Abstract==
'''Purpose''': Modern image-guided radiation therapy is dependent on information technology and data storage applications that, like any other digital technology, are at risk from cyberattacks. Owing to a recent escalation in cyberattacks affecting radiation therapy treatments, the American Society for Radiation Oncology's ''Advances in Radiation Oncology'' is inaugurating a new special manuscript category devoted to [[cybersecurity]] issues.

'''Methods and materials''': We conducted a review of emerging cybersecurity threats and a literature review of cyberattacks that affected [[Radiation oncologist|radiation oncology]] practices.

'''Results''': In the last 10 years, numerous attacks have led to an interruption of radiation therapy for thousands of patients, and some of these catastrophic incidents have been described as being worse than [[coronavirus disease 2019]]'s impact on healthcare centers in New Zealand.

'''Conclusions''': Cybersecurity threats continue to evolve, making combatting these attacks more difficult for healthcare organizations, requiring a change in strategies, tactics, and culture around cybersecurity in health and radiation oncology. We recommend an "assume-breach" mentality (threat-informed defense posture) and adopting a [[Cloud computing|cloud-first]] and zero-trust security strategy. A reliance on computer-driven technology makes radiation oncology practices more vulnerable to cyberattacks. Healthcare providers should increase their resilience and cybersecurity maturity. The increase in the diversity of these attacks demands improved preparedness and collaboration between [[Oncology|oncologic]] treatment centers both nationwide and internationally to protect patients.

'''Keywords''': cybersecurity, radiation oncology

==Introduction==

==References==
{{Reflist|colwidth=30em}}

==Notes==
This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added. Everything else remains true to the original article, per the "NoDerivatives" portion of the distribution license.


[[Category:LIMSwiki journal articles (added in 2022)]]
[[Category:LIMSwiki journal articles (all)]]
[[Category:LIMSwiki journal articles on cybersecurity]]
[[Category:LIMSwiki journal articles on health informatics]]

← Older revision		Revision as of 19:09, 22 February 2022
Line 37:		Line 37:

	==Introduction==		==Introduction==
	Modern image-guided radiation therapy is dependent on information technology (IT) and data storage applications that, like any other digital technology, are at risk from cyberattacks. In the fourth quarter of last year, America's healthcare institutions were subjected to a series of coordinated attempts to breach their [[cybersecurity]] defenses with criminal intent. Unfortunately, in some cases, these attempts were successful, resulting in a detriment to patient care. According to ''Cybercrime Magazine'', global cybercrime damage in 2021 amounts to $16.4 billion a day, $684.9 million an hour, $11 million per minute, and $190,000 per second. ~~[1]~~ The World Economic Forum estimated that the likelihood of detecting and prosecuting perpetrators of cyberattacks in the United States is at a dismal 0.05%. ~~[1]~~		Modern image-guided radiation therapy is dependent on information technology (IT) and data storage applications that, like any other digital technology, are at risk from cyberattacks. In the fourth quarter of last year, America's healthcare institutions were subjected to a series of coordinated attempts to breach their [[cybersecurity]] defenses with criminal intent. Unfortunately, in some cases, these attempts were successful, resulting in a detriment to patient care. According to ''Cybercrime Magazine'', global cybercrime damage in 2021 amounts to $16.4 billion a day, $684.9 million an hour, $11 million per minute, and $190,000 per second.<ref name=":0">{{Cite web \|last=Chang, J. \|date=2020 \|title=119 Impressive Cybersecurity Statistics: 2021/2022 Data & Market Analysis \|url=https://financesonline.com/cybersecurity-statistics/ \|publisher=Finances Online \|accessdate=04 June 2021}}</ref> The World Economic Forum estimated that the likelihood of detecting and prosecuting perpetrators of cyberattacks in the United States is at a dismal 0.05%.<ref name=":0" />

	In the fall of 2020, the U.S. federal government issued a joint advisory warning that the Cybersecurity and Infrastructure Safety Agency (CISA), Federal Bureau of Investigation (FBI), and Department of Health and Human Services (HHS) had credible information of an increased and imminent cybercrime threat to U.S. [[hospital]]s and healthcare providers. ~~[2]~~ More recently, the Director of the FBI compared the increase in ransomware attacks on U.S. infrastructure to the threat of the September 11 terrorist attacks. ~~[3]~~ In New Zealand, ransomware incidents have been recently labeled as having worse impacts on [[cancer]] patients than [[coronavirus disease 2019]] (COVID-19). ~~[4]~~		In the fall of 2020, the U.S. federal government issued a joint advisory warning that the Cybersecurity and Infrastructure Safety Agency (CISA), Federal Bureau of Investigation (FBI), and Department of Health and Human Services (HHS) had credible information of an increased and imminent cybercrime threat to U.S. [[hospital]]s and healthcare providers.<ref>{{Cite web \|date=02 November 2020 \|title=Alert (AA20-302A) Ransomware Activity Targeting the Healthcare and Public Health Sector \|work=National Cyber Awareness System \|url=https://www.cisa.gov/uscert/ncas/alerts/aa20-302a \|publisher=Cybersecurity & Infrastructure Security Agency \|accessdate=01 February 2021}}</ref> More recently, the Director of the FBI compared the increase in ransomware attacks on U.S. infrastructure to the threat of the September 11 terrorist attacks.<ref>{{Cite web \|last=Viswanatha, A.; Volz, D. \|date=04 June 2021 \|title=FBI Director Compares Ransomware Challenge to 9/11 \|work=The Wall Street Journal \|url=https://www.wsj.com/articles/fbi-director-compares-ransomware-challenge-to-9-11-11622799003?mod=e2twp \|accessdate=04 June 2021}}</ref> In New Zealand, ransomware incidents have been recently labeled as having worse impacts on [[cancer]] patients than [[coronavirus disease 2019]] (COVID-19).<ref>{{Cite web \|last=Ensor, J. \|date=27 May 2021 \|title='Catastrophic failure': Cyber attack on Waikato DHB 'worse than COVID', significant impact on radiation patients - expert \|work=MSN \|url=https://www.msn.com/en-nz/news/national/catastrophic-failure-cyber-attack-on-waikato-dhb-worse-than-covid-significant-impact-on-radiation-patients-expert/ar-AAKsC9j?ocid=entnewsntp \|publisher=Microsoft \|accessdate=04 June 2021}}</ref>

	As the worst disruptions of the COVID-19 [[pandemic]] have passed (at least in some regions), the next pervasive disruptive threat to our medical profession appears to be cybersecurity risks. In light of this development, the American Society for Radiation Oncology's ''Advances in Radiation Oncology'' is inaugurating a special manuscript category devoted to cybersecurity issues.		As the worst disruptions of the COVID-19 [[pandemic]] have passed (at least in some regions), the next pervasive disruptive threat to our medical profession appears to be cybersecurity risks. In light of this development, the American Society for Radiation Oncology's ''Advances in Radiation Oncology'' is inaugurating a special manuscript category devoted to cybersecurity issues.

	==Emerging cybersecurity threats in 2021==		==Emerging cybersecurity threats in 2021==
	A study in 2014 showed that 94% of healthcare institutions have been victims of cyberattacks. ~~[5]~~ Based on a Medical Information Technology Advisors Threat Information Platform analysis ~~[6]~~ of incidents related to the Asian-Pacific, United States, and European Union, as well as various other threat intelligence agencies reports ~~[7]~~, the number of compromised business e-mail accounts and ransomware incidents from phishing or dark web-compromised credentials are growing and quickly becoming the number one risk for healthcare organizations. Recent years have seen an increase in phishing occurrences from “trusted” organizations or services that are being abused. Phishing e-mails will often dangle a financial reward or something too good to be true with urgency or a strict deadline to perform an action. Other attempts could be a promise to show something exciting or forbidden or threating with negative consequences or punishment. The phishing e-mail will often have an unexpected attachment, spoofed website, or link to update your password. ("Call the sender to verify whether the e-mail is legitimate" is often best before taking any action.)		A study in 2014 showed that 94% of healthcare institutions have been victims of cyberattacks.<ref>{{Cite web \|last=Filkins, B. \|title=Health care cyberthreat report: Widespread compromises detected, compliance nightmare on horizon paper \|url=http://www.sans.org/reading-room/whitepapers/firewalls/paper/34735 \|publisher=SANS \|accessdate=24 June 2021}}</ref>{{Dead link}} Based on a Medical Information Technology Advisors Threat Information Platform analysis<ref>{{Cite web \|title=Private communication, Medical Information Technology Advisors Threat Intelligence Platform \|url=https://www.meditadvisors.com/ \|publisher=Medical IT Advisors \|accessdate=04 June 2021}}</ref> of incidents related to the Asian-Pacific, United States, and European Union, as well as various other threat intelligence agencies reports<ref>{{Cite web \|last=Richard, N.; Andonov, D. \|date=04 May 2021 \|title=The UNC2529 Triple Double: A Trifecta Phishing Campaign \|url=https://www.mandiant.com/resources/unc2529-triple-double-trifecta-phishing-campaign \|publisher=Mandiant \|accessdate=14 June 2021}}</ref>, the number of compromised business e-mail accounts and ransomware incidents from phishing or dark web-compromised credentials are growing and quickly becoming the number one risk for healthcare organizations. Recent years have seen an increase in phishing occurrences from “trusted” organizations or services that are being abused. Phishing e-mails will often dangle a financial reward or something too good to be true with urgency or a strict deadline to perform an action. Other attempts could be a promise to show something exciting or forbidden or threating with negative consequences or punishment. The phishing e-mail will often have an unexpected attachment, spoofed website, or link to update your password. ("Call the sender to verify whether the e-mail is legitimate" is often best before taking any action.)

	The United States has seen an increase in ransomware, especially from ransomware as a service groups using double and even triple extortion tactics. Data are [[Encryption\|encrypted]] and exfiltrated from the attacked healthcare organization, and then the attackers threaten to publish the data, directly extort patients, or threaten a distributed denial of service (DDoS) attack. ~~[8]~~ In fact, the HHS' Health Sector Cybersecurity Coordination Center (HC3) has found that 60% of global cybersecurity incidents during the first half of 2021 targeting healthcare providers affected the U.S. health sector. [9] Ransomware incidents are becoming linked to data breaches because in at least 72% of ransomware incidents, victim data were leaked. [10]		The United States has seen an increase in ransomware, especially from ransomware as a service groups using double and even triple extortion tactics. Data are [[Encryption\|encrypted]] and exfiltrated from the attacked healthcare organization, and then the attackers threaten to publish the data, directly extort patients, or threaten a distributed denial of service (DDoS) attack.<ref>{{Cite web \|last=Tanner, J. \|date=25 October 2020 \|title=Finland shocked by therapy center hacking, client blackmail \|work=ABC News \|url=https://abcnews.go.com/Health/wireStory/finland-shocked-therapy-center-hacking-client-blackmail-73817011 \|accessdate=04 June 2021}}</ref> In fact, the HHS' Health Sector Cybersecurity Coordination Center (HC3) has found that 60% of global cybersecurity incidents during the first half of 2021 targeting healthcare providers affected the U.S. health sector. [9] Ransomware incidents are becoming linked to data breaches because in at least 72% of ransomware incidents, victim data were leaked. [10]

	In an analysis of 5,275 reported cybersecurity breaches last year, the number one method used was social engineering, with 85% of breaches involving a human element in a targeted organization. The threat to healthcare organizations in recent years has shifted from malicious internal actors to external organizations. Personal data, rather than medical data, is the most commonly stolen information in a security breach, with financial motivation behind 91% of attacks. [11]		In an analysis of 5,275 reported cybersecurity breaches last year, the number one method used was social engineering, with 85% of breaches involving a human element in a targeted organization. The threat to healthcare organizations in recent years has shifted from malicious internal actors to external organizations. Personal data, rather than medical data, is the most commonly stolen information in a security breach, with financial motivation behind 91% of attacks. [11]
Line 52:		Line 52:
	Usual scam tactics, including fear-based themes, prove to be successful, with only a few changes in frequency and some techniques abusing legitimate services to bypass protections. Themes on COVID-19, the work-from-home initiative, registration renewals, secure document exchanges, and even local festivals are used to trick victims into allowing these attacks. Some of the COVID-19 themes used in e-crime phishing schemes during the pandemic include [12]:		Usual scam tactics, including fear-based themes, prove to be successful, with only a few changes in frequency and some techniques abusing legitimate services to bypass protections. Themes on COVID-19, the work-from-home initiative, registration renewals, secure document exchanges, and even local festivals are used to trick victims into allowing these attacks. Some of the COVID-19 themes used in e-crime phishing schemes during the pandemic include [12]:

	* exploitation of individuals looking for details on disease tracking, testing, and treatment;		*exploitation of individuals looking for details on disease tracking, testing, and treatment;
	* impersonation of medical bodies, including the World Health Organization (WHO) and U.S. Centers for Disease Control and Prevention (CDC);		*impersonation of medical bodies, including the World Health Organization (WHO) and U.S. Centers for Disease Control and Prevention (CDC);
	* financial assistance and government stimulus packages;		*financial assistance and government stimulus packages;
	* tailored attacks against employees working from home;		*tailored attacks against employees working from home;
	* scams offering personal protective equipment; and		*scams offering personal protective equipment; and
	* passing mention of COVID-19 within previously used phishing lure content (e.g., deliveries, invoices, and purchase orders).		*passing mention of COVID-19 within previously used phishing lure content (e.g., deliveries, invoices, and purchase orders).

	The existing disruptions in healthcare globally presented new vulnerabilities for cybercrime. [13] Some cybercrime organizations announced their intention to not intentionally impact healthcare organizations during the pandemic, although how well they adhered to those pledges is unclear. Other organizations, such as Wizard Spider, intentionally targeted healthcare organizations at the end of October of 2020 at a time of increased medical facility utilization, when hospitals and clinics were under increasing pressure from the start of the influenza season and the pandemic fall surge. These actions mirrored a similar approach used against other industries, one of deliberately targeting organizations during times of institutional stress, such as what occurred with educational institutions at the start of the 2019 school year. [12]		The existing disruptions in healthcare globally presented new vulnerabilities for cybercrime. [13] Some cybercrime organizations announced their intention to not intentionally impact healthcare organizations during the pandemic, although how well they adhered to those pledges is unclear. Other organizations, such as Wizard Spider, intentionally targeted healthcare organizations at the end of October of 2020 at a time of increased medical facility utilization, when hospitals and clinics were under increasing pressure from the start of the influenza season and the pandemic fall surge. These actions mirrored a similar approach used against other industries, one of deliberately targeting organizations during times of institutional stress, such as what occurred with educational institutions at the start of the 2019 school year. [12]
Line 65:		Line 65:
	Finally, the lack of correlation, collaboration, and communication between service providers and their IT partners increases the ease with which attackers can affect a wide range of targets. Organizations face at least 10 major cybersecurity risks today, including [14]:		Finally, the lack of correlation, collaboration, and communication between service providers and their IT partners increases the ease with which attackers can affect a wide range of targets. Organizations face at least 10 major cybersecurity risks today, including [14]:

	# Phishing, including business e-mail compromises		#Phishing, including business e-mail compromises
	# Ransomware attacks, including DDoS		#Ransomware attacks, including DDoS
	# Hacking of unpatched software and external services (remote desktop protocol, virtual private network, file transfer protocol, databases)		#Hacking of unpatched software and external services (remote desktop protocol, virtual private network, file transfer protocol, databases)
	# Software vulnerabilities and misconfigurations		#Software vulnerabilities and misconfigurations
	# Lack of security logging and monitoring		#Lack of security logging and monitoring
	# Third-party supplier's security ([[Cloud computing\|cloud]], IoT, apps)		#Third-party supplier's security ([[Cloud computing\|cloud]], IoT, apps)
	# Inadequate processes (e.g., patching, backup, change management)		#Inadequate processes (e.g., patching, backup, change management)
	# Technical debt/legacy software and increased attack surface		#Technical debt/legacy software and increased attack surface
	# User-based mistakes and lack of cybersecurity awareness (technical, operational, and user literacy)		#User-based mistakes and lack of cybersecurity awareness (technical, operational, and user literacy)
	# Threat identification and incident response		#Threat identification and incident response

	==Cyberattacks affecting radiation oncology providers==		==Cyberattacks affecting radiation oncology providers==
Line 156:		Line 156:

	==Notes==		==Notes==
	This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added. Tables were turned into inline text. A citation for the mentioned HHS ONC Breach Portal was added. Everything else remains true to the original article, per the "NoDerivatives" portion of the distribution license.		This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added. Tables were turned into inline text. A citation for the mentioned HHS ONC Breach Portal was added. The Filkins cyberthreat report (Citation 5) is a dead URL, and an archived version of the report could not be found. Everything else remains true to the original article, per the "NoDerivatives" portion of the distribution license.

	<!--Place all category tags here-->		<!--Place all category tags here-->