Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2023;35(19):13823-13837.
doi: 10.1007/s00521-021-06720-1. Epub 2022 Jan 20.

A cyber warfare perspective on risks related to health IoT devices and contact tracing

Andrea Bobbio  1 Lelio Campanile  2 Marco Gribaudo  3 Mauro Iacono  2 Fiammetta Marulli  2 Michele Mastroianni  2
Affiliations

A cyber warfare perspective on risks related to health IoT devices and contact tracing

Andrea Bobbio et al. Neural Comput Appl. 2023.

Abstract

The wide use of IT resources to assess and manage the recent COVID-19 pandemic allows to increase the effectiveness of the countermeasures and the pervasiveness of monitoring and prevention. Unfortunately, the literature reports that IoT devices, a widely adopted technology for these applications, are characterized by security vulnerabilities that are difficult to manage at the state level. Comparable problems exist for related technologies that leverage smartphones, such as contact tracing applications, and non-medical health monitoring devices. In analogous situations, these vulnerabilities may be exploited in the cyber domain to overload the crisis management systems with false alarms and to interfere with the interests of target countries, with consequences on their economy and their political equilibria. In this paper we analyze the potential threat to an example subsystem to show how these influences may impact it and evaluate a possible consequence.

Keywords: COVID-19; Cyber warfare; IoT; Risk analysis; Security.

PubMed Disclaimer

Conflict of interest statement

Conflict of interestThe authors declare that they have no conflict of interest.

Figures

Fig. 1
Fig. 1
Influence Net for the scenario
Fig. 2
Fig. 2
Description of the behavior of the contact tracing protocol
Fig. 3
Fig. 3
The coloured Petri net model for the considered subsystems
Fig. 4
Fig. 4
The MAM for the considered subsystems
Fig. 5
Fig. 5
The evolution of the average number of people in the considered states
Fig. 6
Fig. 6
Susceptible, Infected, total population at home, and average waiting time as function of the contact rate α
Fig. 7
Fig. 7
Growth of total quarantined persons in function of false positives
See this image and copyright information in PMC

References

    1. Ahmed N, Michelin RA, Xue W, Ruj S, Malaney R, Kanhere SS, Seneviratne A, Hu W, Janicke H, Jha SK. A survey of covid-19 contact tracing apps. IEEE Access. 2020;8:134577–134601. doi: 10.1109/ACCESS.2020.3010226. - DOI
    1. Alaba FA, Othman M, Hashem IAT, Alotaibi F. Internet of things security: a survey. J Netw Comput Appl. 2017;88:10–28. doi: 10.1016/j.jnca.2017.04.002. - DOI
    1. Bobbio A, Cerotti D, Gribaudo M, Iacono M, Manini D. Markovian Agent Models: A Dynamic Population of Interdependent Markovian Agents. Cham: Springer International Publishing; 2016. pp. 185–203.
    1. Chang E, Moselle KA, Richardson A (2020) Covidsimvl –transmission trees, superspreaders and contact tracing in agent based models of covid-19. https://www.medrxiv.org/content/10.1101/2020.12.21.20248673v1 - DOI
    1. Cho H, Ippolito D, Yu YW (2020) Contact tracing mobile apps for covid-19: privacy considerations and related trade-offs. https://arxiv.org/abs/2003.11511

LinkOut - more resources