K. Lung: J Extra Corpor Technol 2026, 58, 3 – 18 17
6. Coventry L, Branley D. Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas. 2018; 113:48 – 52.
7. Cartwright AJ. The elephant in the room: Cybersecurity in healthcare. J Clin Monit Comput. 2023; 37( 5): 1123 – 1132.
8. Nifakos S, Chandramouli K, Nikolaou CK, et al. Influence of human factors on cyber security within healthcare organisations: A systematic review. Sensors. 2021; 21( 15): 5119.
9. Bhuyan SS, Kabir UY, Escareno JM, et al. Transforming healthcare cybersecurity from reactive to proactive: current status and future recommendations. J Med Syst. 2020; 44:1 – 9.
10. Jerry-Egemba N. Safe and sound: Strengthening cybersecurity in healthcare through robust staff educational programs. Healthc Manage Forum. 2024; 37( 1): 21 – 25.
11. Argaw ST, Bempong NE, Eshaya-Chauvin B, Flahault A. The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review. BMC Med Inform Decis Mak. 2019; 19:1 – 11.
12. Kessler SR, Pindek S, Kleinman G, Andel SA, Spector PE. Information security climate and the assessment of information security risk among healthcare employees. Health Informat J. 2020; 26( 1): 461 – 473.
13. Imprivata. If 95 % of cyber-attacks are due to human error, why have so few clinicians been trained to avoid them? 2022. Available at https:// www. imprivata. com / blog / if-95-cyberattacks-are-due-human-error-why-have-so-few-clinicians-beentrained-avoid-them. Accessed September 9, 2024.
14. IBM. Cost of a data breach report 2024. 2024. Available at https:// www. ibm. com / reports / data-breach. Accessed August 20, 2024.
15. Choi SJ, Johnson ME, Lehmann CU. Data breach remediation efforts and their implications for hospital quality. Health Serv Res. 2019; 54( 5): 971 – 980.
16. U. S. Department of Health and Human Services. Fact Sheet: Ransomware and HIPAA. 2021. Available at https:// www. hhs. gov / hipaa / for-professionals / security / guidance / cybersecurity / ransomware-fact-sheet / index. html. Accessed September 12, 2024.
17. Tully J, Selzer J, Phillips JP, O’ Connor P, Dameff C. Healthcare challenges in the era of cybersecurity. Health Secur. 2020; 18( 3): 228 – 231.
18. Arctic Wolf. Top 18 Healthcare industry cyber attacks of the decade. 2024. Available at https:// arcticwolf. com / resources / blog /- top-healthcare-industry-cyberattacks. Accessed August 30, 2024.
19. The HIPAA Journal. January 2024 Cyberattack on Lurie Children’ s Hospital Affects 792K Individuals. 2024. Available at https:// www. hipaajournal. com / january-2024-cyberattack-onlurie-childrens-hospital-affects-792k-individuals. Accessed September 20, 2024.
20. TechTarget. BianLian cyberattack hits Boston Children’ s Health Physicians. 2024. Available at https:// www. techtarget. com / healthtechsecurity / news / 366613956 / BianLian-cyberattack-hits- Boston-Childrens-Health-Physicians. Accessed January 28, 2025.
21. International Perfusion Association. LivaNova reports cyberattack compromising US patients’ data. 2024. Available at https:// iperfusion. org / livanova-reports-cyberattack-compromising-uspatients-data. Accessed August 30, 2024.
22. Security Week. Ransomware attack hits OneBlood blood bank, disrupts medical operations. 2024. Available at https:// www. securityweek. com / ransomware-attack-hits-oneblood-bloodbank-disrupts-medical-operations /. Accessed January 28, 2025.
23. International Committee of the Red Cross. Sophisticated cyberattack targets red cross red crescent data on 500, 000 people. 2022. Available at https:// www. icrc. org / en / document / sophisti- cated-cyber-attack-targets-red-cross-red-crescent-data-500000- people. Accessed October 3, 2024.
24. The HIPAA Journal. Initial conference takes place for consolidated change healthcare data breach lawsuit. 2024. Available at https:// www. hipaajournal. com / change-healthcare-respondingto-cyberattack. Accessed September 24, 2024.
25. U. S. Food & Drug Administration. Software as a medical device( SaMD). 2018 Available at https:// www. fda. gov / medicaldevices / digital-health-center-excellence / software-medicaldevice-samd. Accessed August 14, 2024.
26. Nigrin DJ. When“ hacktivists” target your hospital. N Engl J Med. 2014; 371( 5): 393 – 395.
27. Beavers J, Pournouri S. Recent cyber attacks and vulnerabilities in medical devices and healthcare institutions. Blockchain and Clinical Trial: Securing Patient Data. Springer Cham. 2019; 249 – 267.
28. Softpedia. Critical medical equipment vulnerable to LDAP and SQL injection attacks. 2015. Available at https:// news. softpedia.- com / news / critical-medical-equipment-vulnerable-to-ldap-andsql-injection-attacks-497012. shtml. Accessed August 30, 2024.
29. American Hospital Association. CISA warns of high-risk cyber vulnerability for Medtronic cardiac device data management system. 2023. Available at https:// www. aha. org / news / headline / 2023 – 07-06-cisa-warns-high-risk-cyber-vulnerability-medtronic-cardiac-device-data-management-system. Accessed October 1, 2024.
30. JAMA Network. Cybersecurity risk for Medtronic insulin pump. 2022. Available at https:// jamanetwork. com / journals / jama / fullarticle / 2797895. Accessed October 1, 2024.
31. Rjoub G, Bentahar J, Wahab OA, et al. A survey on explainable artificial intelligence for cybersecurity. IEEE Trans Network Serv Manage. 2023; 20( 4): 5115 – 5140.
32. Wired. Medical devices are the next security nightmare. 2017. Available at https:// www. wired. com / 2017 / 03 / medical-devicesnext-security-nightmare. Accessed August 14, 2024.
33. Montañez R, Golob E, Xu S. Human cognition through the lens of social engineering cyberattacks. Front Psychol. 2020; 11:1755.
34. Wired. The hidden injustice of cyberattacks. 2024. Available at https:// www. wired. com / story / cybersecurity-marginalized-communities-problem. Accessed August 9, 2024.
35. Congress. gov. H. R. 2617 – Consolidated Appropriations Act, 2023. 2022. Available at https:// www. congress. gov / bill / 117thcongress / house-bill / 2617 / text. Accessed September 25, 2024.
36. U. S. Food and Drug Administration. Select updates for the premarket cybersecurity guidance: section 524b of the FD & C act. 2024. Available at https:// www. fda. gov / regulatory-information / search-fda-guidance-documents / select-updates-premarketcybersecurity-guidance-section-524b-fdc-act. Accessed August 20, 2024.
37. Upendra P, Prasad P, Jones G, Fortune H. Operationalizing medical device cybersecurity at a tertiary care medical center. Biomed Instrum Technol. 2015; 49( 4): 251 – 258.
38. U. S. Food & Drug Administration. FDA CDRH and medical device cybersecurity: response to NIST regarding president’ s executive order( EO) on improving the cybersecurity of the federal government( EO 14028). 2021. Available at https:// www. fda. gov / media / 149954 / download? attachment. Accessed August 20, 2024.