Obsolete Internet of Things (IoT) medical equipment poses significant security dangers
In a recent report, Cynerio has shed light on the alarming cybersecurity risks prevalent in the Internet of Medical Things (IoMT) infrastructure of over 300 US hospitals.
The study found that more than half (53%) of the IoMT devices used in healthcare contain critical cybersecurity risks. This revelation underscores the urgent need for hospitals to address these vulnerabilities to safeguard patient safety, maintain data confidentiality, and ensure service availability.
One of the key findings of the report is the growing concern over unpatched devices in healthcare systems. Daniel Brodie, Cynerio's Chief Technology Officer, emphasizes that these unpatched devices could have serious consequences for medical workflows and hospital operations.
Ransomware attacks on hospitals have seen a significant increase, with a 123% year-on-year rise in 2021. These attacks cost a total of $21 billion from over 500 attacks. The average cost per ransomware attack is $8 million, and each attack takes an organization around 287 days to fully recover.
Malware or DDoS attacks are common in healthcare systems, often leading to ransomware demands. To mitigate these threats, Brodie recommends a proper balance of network connections, with a mix of east-west (device to device) and north-south (server to device) segmentation. In a north-south segmentation maneuver, for instance, IV pumps could be connected only to the servers at the data centers and not to other servers or devices that may be more easily accessed.
Cynerio uses an AI algorithm to help identify vulnerabilities and threats in the analyzed devices. The complexity of streamlining the patching and upgrading process for a typical hospital network hosting devices from different vendors can lead to many devices missing out on timely upgrades.
The report also highlighted that Cisco IP Phone CVEs make up 31% of vulnerabilities detected in healthcare IoT devices. Additionally, almost half (48%) of the IoT devices scanned in the research used Linux as their operating system, leading to growing concerns as Linux is an open-source platform that has gained popularity among bad actors.
Weak HTTP credentials and open HTTP port each account for 21% and 20% of detected vulnerabilities respectively in healthcare IoT devices. Network quarantine and segmentation is recommended as the most effective technique to remediate vulnerabilities in healthcare IoT devices.
Devices tracking patients' vital signs, systems compiling medical history, communication systems, radiology, imaging, PACS machines and scanners, IV and insulin pumps, printers, and other network equipment are often targeted in these attacks.
Liz Miller, a Constellation Research analyst, states that healthcare systems have multiple attack surfaces and the global pandemic has made them more vulnerable to attacks. With 79% of IoT devices used at least once a month, and 21% potentially going without use for four weeks, it's crucial for hospitals to prioritize cybersecurity measures in their IoMT infrastructure.
%20medical%20equipment%20poses%20significant%20security%20dangers){kind=link}