Epidemic? The Attack Surface of German Hospitals during the COVID-19 Pandemic

TL;DR

This study examines the cybersecurity vulnerabilities of German hospitals during COVID-19 by analyzing publicly visible attack surfaces, revealing significant vulnerabilities and their correlation with hospital size.

Contribution

It introduces a comprehensive methodology combining Internet scanning, Big Data, and vulnerability analysis to assess hospital cybersecurity risks during a pandemic.

Findings

32% of services were vulnerable to various degrees

36% of hospitals had numerous vulnerabilities

Vulnerabilities correlated with hospital size and bed count

Abstract

In our paper we analyze the attack surface of German hospitals and healthcare providers in 2020 during the COVID-19 Pandemic. The analysis looked at the publicly visible attack surface utilizing a Distributed Cyber Recon System, utilizing distributed Internet scanning, Big Data methods and scan data of 1,483 GB from more than 89 different global Internet scans. From the 1,555 identified German clinical entities, security posture analysis was conducted by looking at more than 13,000 service banners for version identification and subsequent CVE-based vulnerability identification. Primary analysis shows that 32 percent of the analyzed services were determined as vulnerable to various degrees and 36 percent of all hospitals showed numerous vulnerabilities. Further resulting vulnerability statistics were mapped against size of organization and hospital bed count.