Connected medical devices are quickly becoming essential tools in healthcare. In fact, the market has been growing steadily and is expected to be to $188.2 billion by 2025. IoT can dramatically improve patient outcomes and save millions of lives while making healthcare more accessible and affordable. However, connected devices face serious security challenges, with some outlets reporting as high as 82% of healthcare providers having some form of cyber attack.
The most common security threats against IoT devices include hijackings, data leaks, unsecured devices, and intrusion. These threats have the potential to cost healthcare organizations billions of dollars and worse, put patients at significant risk, as we discussed here.
Here are six of the most common security threats against healthcare organizations and connected medical devices.
A botnet is a network designed to connect various systems to control the victim’s system and distribute malware. Cybercriminals control botnets remotely using Command and Control Servers from where they steal confidential patient data or execute other forms of cyber-attacks such as DDoS and phishing. Criminals can leverage botnets to attack IoT devices connected to other devices like smartphones, printers, smart cameras, desktops, and laptops. One example of this common security threat is the Mirai botnet that infected an estimated 2.5 million devices.
A Denial of Service (DoS) attack is one of the oldest and most common security threats. It causes a deliberate capacity overload in target IoT and traditional IT systems by sending multiple request packets. Malicious actors implementing this form of attack typically aim to slow down or disable a service to hurt the target healthcare provider’s reputation or for some other political reason. A DoS attack would make it challenging for the victim to monitor patient outcomes for critical patient services remotely. While there are DoS mitigation services that an attacked organization can hire to mitigate the traffic, a DoS attack can be a costly event for a healthcare organization.
Ransomware attacks are arguably the most notorious and common security threats targeting IoT devices. This type of attack involves an attacker who uses malware to encrypt data required for day-to-day operations. The attacker will then demand a ransom before they decrypt the critical data. Notably, ransomware attacks are considered one of the most sophisticated IoT security threats. We talked about ransomware in healthcare earlier on the blog here. In a recent study, researchers used a smart thermostat to demonstrate the impact of ransomware on IoT devices. With this attack, attackers were able to take control of the temperature, which could be detrimental to healthcare facilities.
Advanced persistent threats (APT) are a concern for most organizations and becoming one of the most common security threats to corporations and healthcare organizations. An APT is a targeted attack where the attacker gains unauthorized access to a network or system and stays undetected for extended periods. The intruders then monitor network activity and steal critical data. These attacks are quite hard to prevent, detect, or mitigate, and the advent of IoT has made it easy for vast volumes of crucial data to be stolen and transferred across devices. A criminal can target IoT medical devices to access hospital and patient networks and then steal confidential information.
WannaCry is an example of ransomware used to extort money from their victims. Cybercriminals do this by encrypting valuable files to deny access. Like the other types of ransomware, WannaCry takes your data hostage and demands a ransom before releasing them. Notably, WannaCry targets devices that use Microsoft Windows as their operating system. A substantial percentage of medical devices such as MRI scanners, blood storage fridges, and other medical equipment are Windows-based devices, making WannaCry one of the most dangerous common security threats to healthcare organizations.
External blue is a leaked NSA weapon that attacks file-sharing services. It was leaked by the Shadow Brokers group in May 2017, and it has continued to cause catastrophic attacks targeting IoT Windows operated devices. Typically, with this kind of threat, attackers use malware to attack Windows systems operating an unpatched version of SMB_v1. These criminals then gain remote access to the targeted devices and turn them into internet-connected launching platforms for further attacks.
Do You Know Your IoT Risks?
Find Out in Minutes…FREE
Share This Blog