Medical IoT Blog Terms - Attivo Networks

Medical IoT

IoT World Today

The Difficulty of Gauging Health Care Cybersecurity Risk

In 2016, the cybersecurity division of the U.S. Department of Homeland Security released a warning that a class of medical devices had a whopping 1,418 vulnerabilities. Admittedly, the devices in question were end-of-life versions of BD Pyxis SupplyStation health care inventory management system. But this extreme example points to the type of collision course that can occur when complex software and connectivity drive core medical device functionality. DHS reasoned that an adversary of low skill could successfully attack the aging Pyxis devices. And over the past decade, security researchers have proven dozens of medical devices, from pacemakers to infusion pumps, are at risk of a cyberattack. Austrian cybersecurity researcher Tobias Zillner, for instance, revealed that a St. Jude Medical pacemaker model produced until 2017 could be hacked using a 2000-era cell phone and the device could be incapacitated within three hours by draining the battery via a cyberattack. A firmware update was later made available to harden that device…

health-data-management- logo

How deception technology can boost security for medical devices

Explosive growth in smart medical devices has created a new set of challenges for the healthcare industry. To adapt to these changes, health IT risk management experts are seeking new ways to better balance integrated services and security. While medical devices are regulated in many ways for functionality, with rules or laws put forth by regulatory agencies, these same regulators have fallen short when it comes to prescribing enforceable security standards that sufficiently address today’s interconnected healthcare systems—an issue made particularly complex by the lack of agreement over whether providers or device manufactures should bear the liability burden.

Scroll to Top