From a cybersecurity standpoint, the COVID-19 pandemic has proven analysts’ worst fears. Researchers discovered that cybercriminal activity targeting medical facilities jumped by almost 60% in February and March when the novel coronavirus was shutting down the world. This was the sharpest spike in cyberattacks on hospitals over the past 12 months, according to Bitdefender researchers.
From ransomware and theft of intellectual property to fraud and state-sponsored disruption, cybercrime has never been more prevalent in the healthcare industry than it is today. Recent studies show that two-thirds of medical units globally have been hacked at some point. Not only are doctors and nurses ill-prepared to detect a cyber threat, but most hospital equipment can’t be protected against hacks with traditional security solutions.
Understanding the importance of IoT device security
Connected medical devices combine patient and device data to close the gap between patients and caregivers. The fallout of medical facilities being hacked results in delays and diversions to other medical facilities for critical patients awaiting surgery. The result is wasted time that can mean life or death for a patient. With the advent of 5G connectivity and rapid adoption of IoT equipment in every vertical, the attack surface will exponentially expand in the coming years as more medical devices come online.
The situation becomes even more dire with smart medical implants, such as insulin pumps and pacemakers that can be controlled wirelessly. Though there are no recorded cases of loss of life from hacking a medical implant, research shows that it can be done and should be evaluated as a risk.
Most healthcare equipment runs embedded OSes or has regulatory restrictions limiting the ability to install security software. Many of these systems go unpatched for multiple years, further increasing the risk of being hacked.
Now more than ever, hospitals and healthcare providers must seriously consider investing in security safeguards tailored to bridge the gaps in healthcare equipment resulting from outdated hardware, regulatory restrictions and software limitations that impede the installation of security software on the devices themselves. One such way would be to use network security solutions to provide isolation and segmentation of devices and network traffic inspection for any anomalous behavior.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.