Security vulnerabilities within healthcare MIoT Devices

Security vulnerabilities within healthcare MIoT Devices

Technological integration is an integral part of most industries and is seen in day to day operations of our lives. The advancement of various technologies allows us to interconnect with several technical components embracing smooth operational procedures, communication, and data exchange. Internet Of Things (IoT) is one of the systems applied within multiple industries and daily lives that allows for such intercommunication and interconnection. IoT market size for 2020 is estimated to be valued at $761.4 billion, demonstrating its significance within the technological paradigm.

Within the spectrum of IoT systems, another system expressly referred to for healthcare is Medical Internet of Things (MIoT). MIoT refers to a variant of IoT devices that aid patient care. These range from applications and services that improve and help with medical diagnosis, patient treatment, illness management, etc. The interconnectivity allows gathering vast amounts of data, monitoring vital body parameters, and gathering detailed information from sensors and other connected devices.

The integration of the physical devices and their connectivity allows for remote connections to be established to those devices. This includes all components for medical data storage, analysis, monitoring, and even forecasting. However, the threat landscape increases with such connectivity, and these technological integrations can pose vulnerabilities if not secured correctly. Allowing network exploits and access to sensitive medical data or devices.

Unfortunately, this was the case in recent findings regarding critical medical devices that threaten healthcare security and patient data. New findings show that apart from ransomware attacks on healthcare systems, the number one target for cyber attacks are critical medical devices used within the healthcare environment. The 2022 State of Healthcare IoT Device security Report broadcasts that 53% of MIoT and IoT devices contain critical risk vulnerabilities. MIoT devices, if attacked by cybercriminals, can impact patient safety, data confidentiality, and service availability.

The top devices are Cisco IP Phone CVEs at 31%, Weak HTTP credentials at 21%, Open HTTP Ports at 20%, and outdated SNMP version at 10%. These MIoT risks are humdrum and seen across other IT sectors. However, they broadcast a lack of cyber hygiene within the healthcare industry. Leaving these IoT devices open for further exploitations and risks. However, these devices are just part of the vulnerabilities the Healthcare industry faces. Devices such as IV Pumps. VOIP. Ultrasound, Patient Monitor. Medical dispensers, Gateways, IP cameras, PCS Servers, Computerized radiography systems, and DICOM workstations, embrace critical risks where IV pumps face 73% of the critical risk rate while VOIP is at 50%.

As these devices are closest to patients, relatively, they contain a greater risk of impacting patient care. Hence, these devices contain a higher risk of profile on patient’s health. However, the common risks can be easily addressed with appropriate tools and procedures despite the exploited vulnerabilities. The most common vulnerabilities of these “close to patient” devices are as follows:

However, because of the widely regulatory use of the devices, it is difficult for security professionals to update them due to the impact of downtime of these devices, as about 80% of healthcare MIoT devices are used monthly. Though it may be difficult to it is not impossible. However, an alternative solution exists, and it is that of network segmentation.

With segmented networks, the healthcare industry can decrease the threat landscape of the attacks, disbanding lateral movement within devices and resources. Because each segmented zone would require authorized access, it would be difficult for attackers to access the network. With several segmented zones, this practice becomes part of a good security measure that would limit access to the networks without impacting connectivity.

Reports show that about 92% of critical risks are detected with an effective IoT segmentation and contribute to a 67% decrease in the critical risk of exposure. Though the solution sounds promising, the present vulnerabilities and threats still exist, requiring further dynamic adaptation to battle cyber attacks. Though the healthcare industry thrives on the defense side, it still requires strategic solutions when engaged by a cyber attack, such as rapid reaction/detection systems that promptly terminate the threats. Whether it is authenticating users or securing remote access, the future for the healthcare industry should apply a more aggressive approach. Recent findings show that the course should be that of detecting and eliminating the attack by applying a quick reaction force to battle the ongoing and dynamic attacks on the healthcare industry. Though the current practices show promising results, the healthcare industry is still a high-value target for cybercriminals and requires a comprehensive security strategy to overcome dynamic cyber threats.

Author: Damian Borkowski, Technical Marketing Specialist