IoT is the technological revolution that intends to interconnect and make intelligent all the objects that are present in the daily life of the users. However, such sophistication, can lead to the existence of security issues that could be exploited by cybercriminals.
Check Point has recently warned of the growth of cyber attacks to IoT devices in healthcare systems around the world. In addition to ransomware attacks, health centers and hospital units are now facing vulnerability exploits on IoT devices.
The health sector has strongly adopted IoT. Connected devices have enormous potential for saving lives: they compile and analyze large volumes of clinical data and allow professionals to offer a personalized treatment to each patient quickly and even remotely. However, these devices also put at risk the sensitive data of patients and the proper functioning of healthcare institutions.
So, how vulnerable is IoT in the health sector?
To assess this issue, it is important to distinguish between the different types of intelligent devices. On one hand, we have portable medical devices, ranging from an insulin pump to a pacemaker.
A direct cyber attack against these devices may serve to blackmail the patient, threatening them with disruption of their operation. On the other hand, there are machines like smart pharmacy dispensers or chemotherapy connected stations. The potential for cybercriminals to endanger the lives of people in hospitals by taking control of the devices they use to treat them is really worrying: the same data that allow doctors to make adjustments to the operation of medical devices can also be used in a malicious way.
Check Point argues that IoT creators and medical industry manufacturers, as well as companies and patients who use the devices, should take a number of precautions to minimize the risks:
Implement a privacy model from the design of the machine. This measure is also necessary for any company subject to compliance with the EU’s future GDPR and should form an integral part of the design and development of any IoT health equipment.
Having a comprehensive protection strategy, which ensures that every equipment is protected with a single architecture, is the best approach. This solution should cover aspects such as network segmentation and also to be able to mitigate the multiple advanced attack vectors, threat prevention solutions should be included.