Safeguarding Healthcare Organizations from IoMT Risks
Internet of Medical Things (IoMT) devices have become an essential part of the healthcare industry. The global healthcare medical device market is expected to reach 322 billion USD by 2027, indicating the high level of adoption that has already occurred and even higher levels yet to occur. These devices process vast amounts of sensitive medical data used to make critical decisions about the health of patients. However, because of their interconnected nature, these devices come with inherent risks, not only of data loss but potentially of loss of life.
Protected Health Information (PHI) and Electronic Health Records (EHR) are both highly sought after by threat actors because of their high value on the dark web. Ransomware operators in particular have made large sums of money by ransoming medical records. In the well-known ransomware attack against Change Healthcare, 4 TB of medical records were exfiltrated by the AlphV ransomware group, resulting in a ransom payment of 22 million USD. In many cases, the attack vector through which threat actors reach these valuable records is IoMT devices, which are not designed with security in mind. Security researchers have found many zero-day vulnerabilities in various IoMT devices allowing for unauthorized data retrieval. As an example, studies conducted on the GE HealthCare Vivid Ultrasound product family in May of this year found 11 high-severity security flaws that would enable threat actors to gain unauthorized access to the device, exfiltrate credentials, and even lock down the entire system. Some vulnerabilities may have even more dire consequences than this. In 2021, researchers at McAfee identified severe vulnerabilities in a brand of infusion pump that allowed a threat actor to gain command line access to the device and potentially deliver lethal doses of medication to patients, resulting in loss of life. These were vulnerabilities that were caught and patched: without close oversight, other vulnerabilities may still exist in these devices that endanger the safety and privacy of patients.
To address these problems, researchers have encouraged developers of IoMT devices to adopt the Zero Trust framework, which adheres to the principle of least privilege and restricts data access. Network segmentation has also been commonly stressed, meaning that these sensitive devices need to be kept separate from less critical access terminals, lowering the number of possible entry points for lateral movement. As always, network security is a series of trade-offs between protection and convenience, and when disruptions in convenience could damage the quality of a patient’s care, figuring out what measures can be safely taken is more important than ever. But for the sake of the healthcare industry as a whole and the lives of patients in particular, IoMT security cannot be ignored.