New medical devices are on the verge of transforming healthcare as we know it. But as hackers disrupt healthcare facilities, security and IT experts have identified these devices to be a source of cyber infections.
Not all blame will belong to the devices as users and facilities may be responsible as well. Studies point out that the most common types of “Internet of Things medical device” security alerts originate from user practice issues, such as using embedded browsers on medical workstations to surf the web, conducting online chat or downloading content. According to a new study by ZingBox, an Internet of Things cybersecurity company, they account for 41 percent of all security alerts.
A ransomware attack just weeks ago disrupted operations at two hospitals, Hancock Health and Adams Memorial.
About 15 percent of the hospitals were infected by WannaCry, ransomware or similar attacks exploiting Windows SMB vulnerabilities, according to Zingbox’s, “Medical Devices Threat Report”.
An article in Healthcare IT News cites that the medical devices studied include: infusion pumps, patient monitors, imaging systems and medical device gateways.
The study found that the top two device types infected by such attacks were imaging systems (65 percent) and nurse call systems (21 percent). User practices issues accounted for 71 percent of ransomware infections.
The study showed that infusion pumps are the most widely deployed connected medical devices but are not the leading cause of device-oriented security alerts. The leading cause of the alerts are imaging systems, which were the source for 45 percent of all security alerts; followed by patient monitors at 32 percent.
“It is interesting to point out that while infusion pumps make up nearly 50 percent of connected devices in hospitals, they don’t represent the largest cyberattack surface,” said Xu Zou, CEO and co-founder of ZingBox. “Security alerts relating to infusion pumps were only at 2 percent. However, attention to protecting these devices should still be a priority since a successful attack on a single infusion pump could result in disabling the bulk of all infusion pumps through lateral movement and infection.”
How did other medical devices do in terms of vulnerability? 51 percent of all reported user practice issues came from the imaging devices. Almost 80 percent of the instances of outdated operating systems and software applications identified, were from patient monitoring devices.
“Understanding how vulnerabilities enter our networks is critical to protecting patient data and safety in healthcare settings,” Zou said.