Connected Medical Devices Accelerating Cyberattacks at Healthcare Facilities

Over 60 percent of healthcare cyberattacks impact patient data. 

By HFT Staff


Increased use of connected medical devices is accelerating cyberattacks, according to Capterra’s new Medical IoT Survey of healthcare IT professionals. The survey also reveals that 67 percent of healthcare cyberattacks impact patient data and nearly one-half  impact patient care, an indication that rising security risks in the industry are leading to severe consequences in patient outcomes and privacy. 

The medical Internet of Things (IoT) is helping to make healthcare more convenient, efficient, and patient-centric. But connected devices with IoT sensors (e.g., glucose monitors, insulin pumps, defibrillators) often have unprotected security vulnerabilities that endanger healthcare facilities and even patients. In fact, medical practices with more than 70 percent of their devices connected are 24 percent more likely to experience a cyberattack than practices with 50 percent or fewer connected devices. 

Fifty-three percent of healthcare IT staff rate the cybersecurity threat level in the industry as high or extreme, yet many healthcare organizations are not taking the necessary steps to protect medical IoT devices. Alarmingly, 57 percent do not always change the default username and password for each new connected medical device that is put into use. Additionally, 82 percent run connected medical devices on old Windows systems. 

If a security vulnerability is discovered, organizations should patch the device or update its firmware as soon as possible. Unfortunately, 68 percent of healthcare organizations do not always update connected devices when a patch is available. But vulnerabilities and associated patches are not always well publicized, which means healthcare IT staff must stay up to date on emerging threats to medical IoT devices. 

Medical IoT security requires proactive and ongoing vigilance. Healthcare practices should conduct routine vulnerability assessments before connecting medical devices to their IT network. They should also keep an up-to-date and accurate inventory of all connected devices plus associated software and firmware and use software to monitor these devices. 



December 1, 2022


Topic Area: Information Technology


Recent Posts

Disinfectant Dispensers in Healthcare Facilities Often Fail to Deliver Safe Concentrations: Study

Study of 10 hospitals finds 90 percent have at least one dispenser delivering disinfectants at incorrect concentrations.


Duke University Health System Receives $50 Million for Proton Beam Therapy Center

The donation is the largest philanthropic gift received by Duke University Health System.


UT Southwestern Experiences Data Breach Through Calendar Tool

The incident occurred in October.


Protecting Patient Data: Strategies and Tactics

As cyber threats and breaches grow, healthcare organizations and facilities need a better approach to cybersecurity.


Duke Health to Acquire Lake Norman Regional Medical Center

The closing is projected for the first quarter of 2025.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.