Increased Risks in Using Connected Devices in Healthcare

Hospitals use an increasing number of connected devices. Although connected devices can enhance performance, security, and patient results, they also considerably elevated the attack surface. A lot of these devices do not have the right security features or the correct configuration.

A new Microsoft-sponsored research study conducted by the Ponemon Institute regarding the present state of IoT/OT cybersecurity showed that 65% of companies have weak security in their IoT/OT devices and 50% have experienced more attacks involving their IoT/OT devices. 88% of the respondents mentioned that their IoT devices are accessible online, and 51% have OT gadgets accessible online. More cybercriminals are attacking these gadgets because they have a weak spot that can be exploited easily. Malicious actors use malware and ransomware to get initial access to targeted devices.

In 2020, Forescout reviewed the kinds of devices employed in enterprise systems to find out which present the greatest threat, and this November
released the latest version of the report. The majority of devices that were regarded as high risk stay on the updated listing, and consist of programmable logic controllers (PLCs), networking tools, VoIP, and IP cameras. Hypervisors and human-machine interfaces (HMIs) are included this year.

Nearly all of the riskiest gadgets are listed because they are often exposed online or crucial to business functions, and they all have vulnerabilities. All companies depend on a mix of IT, IoT, and OT. Healthcare companies likewise depend on IoMT devices. So virtually all companies face an increasing attack surface because they have at least one form of risky device hooked up to their network.

A lot of the devices are hard to patch and maintain, therefore vulnerabilities aren’t resolved immediately. IoMT devices are dangerous since they can give access to internal systems and can include important patient data, and attacks on these gadgets can impact healthcare delivery and patient security. There were attacks on hospitals that resulted in the deactivation of fetal monitors. In 2020, a number of attacks were executed on radiation information systems.

Medical imaging devices like DICOM workstations, imaging devices, nuclear medicine systems, and PACS can have highly sensitive patient information. They likewise frequently use legacy IT OS and have considerable network capacity for the quick sharing of medical imaging information, typically utilizing the DICOM standard for sharing data files. DICOM wasn’t created thinking about security, and although DICOM does allow encryption of transmitted data, encryption configuration depends on the individual healthcare organization. Encryption isn’t turned on in lots of hospitals, which suggests that medical images are sent in plain text and can quickly be intercepted and made to contain malware. Patient monitors are likewise one of the most unsecured IoMT devices because they typically converse utilizing unencrypted protocols, meaning communications can be quickly intercepted and meddled with. Tampering can block the receipt of alerts.

What is important to handling risk is to know how the attack surface is expanding and to perform a thorough risk evaluation to know where the vulnerabilities can be found. Those risks can subsequently be put through a risk management process and be minimized to a low and suitable level.