Blogs -IoT Medical Devices: Our Scariest Security Threat Yet

IoT Medical Devices: Our Scariest Security Threat Yet


February 01, 2018

author

Beth Kindig

Lead Tech Analyst

IoT medical devices may be our scariest security threat yet. Implanted devices such as pacemakers draw big headlines for security threats. However, there are 36,000 other health-care related devices in the United States that are discoverable on the connected device search engine Shodan – which doesn’t even take into account the global level of unprotected devices (source: Wired).

In fact, U.S. hospitals have an average of ten to 15 connected IoT medical devices per bed with some hospitals registering 5,000 beds (or 50,000 connected devices). Therefore, the magnitude of the risks associated with these medical IoT devices is a gripping proposition.

Most hacks will not be a life or death situation, although a few exposed vulnerabilities could be potentially fatal, such as with Johnson & Johnson’s insulin pumps, which could potentially administer a fatal dose of insulin, or the Animas OneTouch Ping with a vulnerable wireless controller. The most common hack is for medical records, which can be sold on a Dark Web aftermarket with a value of $500 per Medicare or Medicaid record [2] . As The Hill reports, tens of millions of electronic health records have been compromised over the last few years, whereas there has not been a single implant device death or documented patient harm, according to Zach Rothstein, associated vice president of the Advanced Medical Technology Association. In 2015 over 113 million personal health records were compromised, up 9x from 2014, according to the Department of Health and Human Services (DHS).

While medical record theft and device hacks are well documented, there are many reasons hackers target the vast array of medical devices on the market. Ransomware is the practice of taking over a mobile app until a ransom is paid. A similar exploit can be performed on hospitals by entering a weak point, such as unsecured wireless connections, to access the system and take it over for a ransom. For instance, the Los Angeles Hollywood Medical Center had to pay hackers $17,000 to regain control of critical computer systems [3] . A similar attack also occurred in Mount Pleasant, Texas, where a hospital had its core electronic medical system knocked offline until a ransom was paid. According to those in the security industry, while ransomware attacks are prevalent, they are rarely made public for a variety of reasons.

Other reasons hacks that can occur include changing medical records for allergies or diagnoses. There is at least one case where medical devices were hacked to disseminate information and change stock prices, such as with Muddy Waters, a short selling firm that hired a boutique cybersecurity firm to conduct test attacks on a St. Jude’s pacemaker from 10 feet (3 meters) away, but up to 100 feet with an antenna and software defined radio, according to Reuters.

Medical devices extend beyond healthcare facilities and now overlap with mobile apps, as well. Last year, the Medicines and Healthcare products Regulatory Agency (MHRA) has issued updated guidance today to help identify health apps that are medical devices – and how to secure these mobile vulnerabilities. The apps that are of concern gather data from either the person or a diagnostic device, collecting information such as heartbeat or blood glucose levels, and then interpret the data to make a diagnosis, or to recommend treatment4 . As the MRHA director of medical devices says, “We live in an increasingly digital world, both healthcare professionals, patients and the public use software and stand-alone apps to aid diagnosis and monitor health.” There are also many apps connected to medical devices, providing another entry point for hackers.

“Mobile apps are unleashing amazing creativity,” Bakul Patel said from the FDA’s Center for Devices and Radiological Health. “At the same time, we have set risk-based priorities and are focusing FDA’s oversight on mobile apps that are devices for which safety and effectiveness are critical.”

This article first appeared on Intertrust.com

To learn more on how to protect IoT Medical Devices and how Intertrust drives advancements in healthcare with secure data collaborations, data privacy and security, contact sales@whitecryption.com 

SOURCES:

[1] WIRED, Medical Devices Next Security Nightmare

[2] NextGov, This Is the Real Threat Posed by Hacked Medical Devices at VA

[3] NYTimes,  Los Angeles Hackers Pay $17,000 After Attack

head bg

More To Explore

Newsletter

Robinhood crypto trading volume vs. transaction revenue Q2 2025

Robinhood Stock: Spot Crypto Volumes May Lead to Incoming Volatility

Robinhood’s fundamental transformation over the past two years has been nothing short of remarkable. Crypto is driving strong revenue growth at 50% YoY in Q1, while TTM operating margin is approaching

July 11, 2025
Beth Kindig, Lead Tech Analyst at I/O Fund, interviewed on Fox Business discussing Nvidia’s earnings beat and solid guidance.

AI Stocks in 2025: What Every Investor Should Know

The market evolves quickly, and nowhere is that more apparent than in AI stocks, which continue to lead in both innovation and returns. At the I/O Fund, our deep coverage of AI stocks, combined with a

July 03, 2025
Modern data center building next to a nuclear power plant cooling tower.

Nuclear Power Emerging as a Clean AI Data Center Energy Source

Data center power demand is forecast to surge over the next decade, with some estimates seeing demand increasing 3x by 2030. Inference is expected to be a primary driver with power demand growth proje

June 27, 2025
Nvidia vs. AMD CEOs in AI GPU race, spotlighting AI inference competition.

AMD vs Nvidia: The AI Stock That Could Win by 2028

Last week, AMD offered more details on the release of their groundbreaking GPUs with little fanfare in the markets – which is par for the course as AMD has a history of being forgotten about until the

June 20, 2025
AI chip powering data growth with green upward graph, symbolizing semiconductor and AI market expansion

This AI Stock is Set to Surge from Inference Demand

Up until now, the AI conversation has been dominated by training and compute, yet inference is showing signs of exploding growth. Microsoft and Google recently highlighted 5x to 9x YoY growth in AI to

June 13, 2025
Taiwan Semiconductor drives AI growth amid geopolitical risk

Taiwan Semiconductor Stock: AI Growth Amid Geopolitical Risk 

Despite their leadership, AI stocks like Taiwan Semiconductor and Nvidia are flat year-to-date and trading at similar levels as June 2024. Clearly, the AI trade is not as straightforward as it might s

June 06, 2025
Man walks on a broken bridge with a stock chart overlay, symbolizing market challenges

Historic Market Uncertainty Meets $7 Trillion Debt Wall: What Comes Next for the S&P 500

We are seeing mounting evidence that this bounce may be the start of a new push to all-time highs, such as improved breadth, better than expected earnings plus the size of this bounce. However, one ca

May 27, 2025
a baseball stadium with Nvidia billboard

Nvidia Stock Faces a Choppy Q2, But Tailwinds Build for H2 Acceleration

Nvidia’s streak of blockbuster earnings has turned investor expectations into a high-stakes game— anything short of perfection risks disappointment. As the company gears up to report fiscal Q1 results

May 23, 2025
Microsoft stock up as Azure tops AWS, Google Cloud in Q3 2025

Microsoft Stock Surges After Q3 2025 Earnings: What Separates Azure from AWS, Google Cloud

Microsoft stock jumped after Q3 2025 earnings as Azure emerged as the only major cloud platform to accelerate growth this quarter — a rare feat amid macro pressures. Azure’s 35% constant currency grow

May 16, 2025
Bitcoin price chart signaling potential top despite favorable crypto news

Why Bitcoin’s Bull Run May Be Nearing a Top Despite Pro-Crypto Tailwinds

Since calling the Bitcoin bottom near $16,000 in late 2022, the I/O Fund has maintained a disciplined, contrarian approach — issuing 13 buy alerts before Bitcoin surged above $100,000. Now, signs sugg

May 09, 2025
newsletter

Sign up for Analysis on
the Best Tech Stocks

https://bethtechnology.cdn.prismic.io/bethtechnology/e0a8f1ff-95b9-432c-a819-369b491ce051_Logo_Final_Transparent_IOFUND.svg
The I/O Fund specializes in tech growth stocks and offers in-depth research for Premium Members. Investors get access to a transparent portfolio, a forum, webinars, and real-time trade notifications. Sign up for Premium.

We are on social networks


Copyright © 2010 - 2025