Over 300 Total Lots Up For Auction at Two Locations - UT 10/25, CA 10/28

Portuguese PortugueseEnglish English

Over 50% of internet-connected medical devices vulnerable to cyberattacks

por John R. Fischer, Senior Reporter | January 28, 2022
Cyber Security Health IT
Share
Over 50% of internet-connected medical devices in hospitals are vulnerable to cyberattacks
Critical vulnerabilities put over half of medical devices connected to hospital networks at risk of being breached by malicious viruses and software that could potentially compromise patient information.

In an analysis of 10 million devices at more than 300 hospitals and medical facilities worldwide, Cynerio identified 53% of internet-connected medical devices with a known vulnerability and one-third of bedside devices with a critical risk.

It warns in its 2022 State of Healthcare IoT Device Security report that these issues could enable hackers to access devices and potentially impact service availability, steal and expose patient data and even pose harm to patient safety, according to ZDNet.

"Hospitals and health systems don't need more data — they need advanced solutions that mitigate risks and empower them to fight back against cyberattacks, and as medical device security providers, it's time for all of us to step up. With the first ransomware-related fatalities reported last year, it could mean life or death,” said Cynerio’s CTO Daniel Brodie in a statement.

Infusion pumps were the most common device to have some type of vulnerability, with 73% showing such issues. This is very concerning, as IV pumps make up 38% of a hospital’s IoT and hacking into them allows hackers to directly affect patients, since they are connected to the pumps.

Other internet-connected devices that posed risks were patient monitors and ultrasound, with both devices among the top 10 listed in terms of numbers of vulnerabilities, reported The Verge.

Outdated programming such as older Windows Versions were found on most medical IoT devices, specifically versions that were older than Windows 10. It is outdated systems and not enough cybersecurity protections that have made healthcare a prime target of cybercriminals, according to Cynerio. Default passwords are also a problem and were found on about 21% of devices in the analysis.

In addition to addressing these issues directly, Cynerio recommends that healthcare organizations segment their networks, as doing so addresses more than 90% of critical risks in medical devices and reduces ransomware attacks. It adds that healthcare organizations do not have the resources or personnel to keep systems updated and that they may not even know if there is an update for one of their devices or a recall.
Sign up for Health IT stories Sign up for Weekly Top stories

You Must Be Logged In To Post A Comment

Sign up for Weekly Top stories

Sign up for Health IT stories

 

advertisement

Health IT Homepage

Solving for technical debt in healthcare
GE HealthCare integrates Blackford AI application platform with its PACS solutions
Riverside Health to roll out Abridge AI across provider network
Sectra inks $300 million contract in Canada amid legal challenge
Bot Image's ProstatID AI Software presents an excellent tool to assist radiologists, interventionalists and oncologists alike.
Konica Minolta and NewVue enter into a strategic partnership
Survey finds US healthcare providers and payers are spending more on AI and cybersecurity
How hospitals can leverage RTLS and unified cloud-based platforms to increase efficiency
Using AI to automate radiology administrative workflow
Doing more with data: How ambulatory monitoring is unlocking new care pathways