Blogs -IoT Medical Devices: Our Scariest Security Threat Yet

IoT Medical Devices: Our Scariest Security Threat Yet


February 01, 2018

author

Beth Kindig

Lead Tech Analyst

IoT medical devices may be our scariest security threat yet. Implanted devices such as pacemakers draw big headlines for security threats. However, there are 36,000 other health-care related devices in the United States that are discoverable on the connected device search engine Shodan – which doesn’t even take into account the global level of unprotected devices (source: Wired).

In fact, U.S. hospitals have an average of ten to 15 connected IoT medical devices per bed with some hospitals registering 5,000 beds (or 50,000 connected devices). Therefore, the magnitude of the risks associated with these medical IoT devices is a gripping proposition.

Most hacks will not be a life or death situation, although a few exposed vulnerabilities could be potentially fatal, such as with Johnson & Johnson’s insulin pumps, which could potentially administer a fatal dose of insulin, or the Animas OneTouch Ping with a vulnerable wireless controller. The most common hack is for medical records, which can be sold on a Dark Web aftermarket with a value of $500 per Medicare or Medicaid record [2] . As The Hill reports, tens of millions of electronic health records have been compromised over the last few years, whereas there has not been a single implant device death or documented patient harm, according to Zach Rothstein, associated vice president of the Advanced Medical Technology Association. In 2015 over 113 million personal health records were compromised, up 9x from 2014, according to the Department of Health and Human Services (DHS).

While medical record theft and device hacks are well documented, there are many reasons hackers target the vast array of medical devices on the market. Ransomware is the practice of taking over a mobile app until a ransom is paid. A similar exploit can be performed on hospitals by entering a weak point, such as unsecured wireless connections, to access the system and take it over for a ransom. For instance, the Los Angeles Hollywood Medical Center had to pay hackers $17,000 to regain control of critical computer systems [3] . A similar attack also occurred in Mount Pleasant, Texas, where a hospital had its core electronic medical system knocked offline until a ransom was paid. According to those in the security industry, while ransomware attacks are prevalent, they are rarely made public for a variety of reasons.

Other reasons hacks that can occur include changing medical records for allergies or diagnoses. There is at least one case where medical devices were hacked to disseminate information and change stock prices, such as with Muddy Waters, a short selling firm that hired a boutique cybersecurity firm to conduct test attacks on a St. Jude’s pacemaker from 10 feet (3 meters) away, but up to 100 feet with an antenna and software defined radio, according to Reuters.

Medical devices extend beyond healthcare facilities and now overlap with mobile apps, as well. Last year, the Medicines and Healthcare products Regulatory Agency (MHRA) has issued updated guidance today to help identify health apps that are medical devices – and how to secure these mobile vulnerabilities. The apps that are of concern gather data from either the person or a diagnostic device, collecting information such as heartbeat or blood glucose levels, and then interpret the data to make a diagnosis, or to recommend treatment4 . As the MRHA director of medical devices says, “We live in an increasingly digital world, both healthcare professionals, patients and the public use software and stand-alone apps to aid diagnosis and monitor health.” There are also many apps connected to medical devices, providing another entry point for hackers.

“Mobile apps are unleashing amazing creativity,” Bakul Patel said from the FDA’s Center for Devices and Radiological Health. “At the same time, we have set risk-based priorities and are focusing FDA’s oversight on mobile apps that are devices for which safety and effectiveness are critical.”

This article first appeared on Intertrust.com

To learn more on how to protect IoT Medical Devices and how Intertrust drives advancements in healthcare with secure data collaborations, data privacy and security, contact sales@whitecryption.com 

SOURCES:

[1] WIRED, Medical Devices Next Security Nightmare

[2] NextGov, This Is the Real Threat Posed by Hacked Medical Devices at VA

[3] NYTimes,  Los Angeles Hackers Pay $17,000 After Attack

Gains of up to 2,880% from our Free Newsletter.


Here are sample stock gains from the I/O Fund’s newsletter --- produced weekly and all for free!

2,880% on Nvidia

750% on Bitcoin

*as of Nov 20, 2024

Our newsletter provides an edge in the world’s most valuable industry – technology. Due to the enormous gains from this particular industry, we think it’s essential that every stock investor have a credible source who specializes in tech. Subscribe for Free Weekly Analysis on the Best Tech Stocks.

If you are a more serious investor, we have a premium service that offers lower entries and real-time trade alerts. Sample returns on the premium site include 4,490% on Nvidia, 900% on Chainlink, and 1,120% on Bitcoin. The I/O Fund is audited annually to prove it’s one of the best-performing Funds on the market, with returns that beat Wall Street funds.

beth
head bg

Get a bonus for subscription!

Subscribe to our free weekly stock
analysis and receive the "AI Stock: 5
Things Nobody is Telling you" brochure
for free.

More To Explore

Newsletter

https://images.prismic.io/bethtechnology/Z1-PkpbqstJ98hbJ_SemiconductorStocksExposedToChinaWithTariffsIncoming.jpg?auto=format,compress

Semiconductor Stocks Exposed To China With Tariffs Incoming

Semiconductor stocks will come into focus in 2025 as geopolitical tensions rise. China is likely to retaliate following Trump’s most recent threats of 10% additional tariffs to all Chinese goods. This

December 17, 2024
https://images.prismic.io/bethtechnology/Z1j8Y5bqstJ98SN8_ShopifyStockIsABlackFridayBeneficiaryThatFacesKeyTestInQ4.jpg?auto=format,compress

Shopify Stock Is A Black Friday Beneficiary That Faces Key Test In Q4

Black Friday and Cyber Monday e-commerce sales broke records again this year, with Adobe pointing out that US sales increased 10.2% YoY to $10.8 billion on Black Friday while Cyber Monday sales rose 7

December 09, 2024
https://images.prismic.io/bethtechnology/Z0_ToZbqstJ98AmN_Nvidia%E2%80%99sStockHas70%25PotentialUpsideFor2025.jpeg?auto=format,compress

Nvidia’s Stock Has 70% Potential Upside For 2025

Nvidia once again posted a $2 billion beat to consensus revenue estimates in Q3, reporting YoY growth of nearly 94% to over $35 billion in revenue. Data center revenue more than doubled in the quarter

December 02, 2024
https://images.prismic.io/bethtechnology/Z0SBDq8jQArT1RkS_960x0.jpg?auto=format,compress

Nvidia Stock Is A Buy On Dips Before Blackwell Arrives In 2025

Nvidia’s stock broke to all-time highs recently, trading at $148 in early November and $147 yesterday. The stock has left many investors wondering “what comes next” after the unrelenting, historic sur

November 24, 2024
https://images.prismic.io/bethtechnology/ZzyXba8jQArT1B7v_960x0.jpg?auto=format,compress

AI Spending To Exceed A Quarter Trillion Next Year

Big Tech’s AI spending continues to accelerate at a blistering pace, with the four giants well on track to spend upwards of a quarter trillion dollars predominantly towards AI infrastructure next year

November 19, 2024
https://images.prismic.io/bethtechnology/ZzNO3K8jQArT0wUy_PalantirStock-HowHighIsTooHigh_.png?auto=format,compress

Palantir Stock: How High Is Too High?

Palantir proved again in Q3 that it’s undeniably one of the stronger AI software stocks in the market outside of the cloud hyperscalers. The company reported visible AI-driven growth and persisting bu

November 12, 2024
Bitcoin bull market update: December 2022 projection of $75,000 - $132,000 adjusted to $82,000 - $106,000 after reaching $73,757 in March 2024.

Bitcoin Bull Market Intact as Risk Increases

In December 2022, we boldly stated that “Bitcoin is a buy” when it was trading around $17,000. We were positioning for a new bull cycle and projected a target between $75,000 - $132,000. Despite Bitco

November 01, 2024
https://images.prismic.io/bethtechnology/ZyGyUK8jQArT0Aju_TeslaStock-MarginsBounceBackForAI-Leader.jpg?auto=format,compress

Tesla Stock: Margins Bounce Back For AI-Leader

Tesla is arguably one of the most advanced AI companies in the world, yet its stock is dictated by margins. Over the past three years, Tesla’s average gross profit per vehicle has declined by 60%, fal

October 30, 2024
https://images.prismic.io/bethtechnology/ZxejEoF3NbkBX11O_PalantirStockIsCrushingItsPeersInAIRevenue.png?auto=format,compress

This Stock Is Crushing Salesforce, MongoDB And Snowflake In AI Revenue

In this article, I break down how Palantir’s AIP is putting it a step above peer Salesforce, MongoDB and Snowflake with visible AI growth, and its undeniable ‘secret sauce’.

October 22, 2024
https://images.prismic.io/bethtechnology/Zw5myoF3NbkBXdms_Nvidia%2CMag7FlashWarningSignsForStocks.jpeg?auto=format,compress

Nvidia, Mag 7 Flash Warning Signs For Stocks

In this report, my team will address the risks brewing in the market. The strange behavior in the bond market could be signaling that the FOMC has made a policy error. This coupled with key tech stock

October 15, 2024
newsletter

Sign up for Analysis on
the Best Tech Stocks

https://bethtechnology.cdn.prismic.io/bethtechnology/e0a8f1ff-95b9-432c-a819-369b491ce051_Logo_Final_Transparent_IOFUND.svg
The I/O Fund specializes in tech growth stocks and offers in-depth research for Premium Members. Investors get access to a transparent portfolio, a forum, webinars, and real-time trade notifications. Sign up for Premium.

We are on social networks


Copyright © 2010 - 2024