Report Concerning Cybersecurity Risks of Connected Medical Devices Published

The report identifies 162 different cybersecurity vulnerabilities in connected medical devices.

By HFT Staff


Forescout Technologies, Inc., published the “Unveiling the Persistent Risks of Connected Medical Devices” report. Building on “The Riskiest Connected Devices in 2024” report from June, this research analyzes more than two million devices across 45 healthcare delivery organizations (HDOs) during the last week of May 2024. The findings reveal a growing risk from connected medical devices, with the most vulnerable listed as Digital Imaging and Communications in Medicine (DICOM) workstations and Picture Archiving and Communication Systems (PACS), pump controllers and medical information systems. 

Hacking remains the top cause of data breaches, with 595 hacking incidents reported to the U.S. Department of Health and Human Services in 2023, an average of 1.6 data breaches per day on healthcare institutions. The new Forescout Research – Vedere Labs research identifies 162 vulnerabilities affecting Internet of medical things (IoMT) devices. Most often, cybercriminal attacks on connected medical devices aim to steal sensitive patient data, including personally identifiable information and medical and treatment history. In worst case scenarios, attacks can disrupt healthcare operations and pose direct threats to patient safety. 

“The increasing prevalence of IoMT devices has introduced new cybersecurity risks, and cybercriminals are taking advantage to exploit vulnerabilities for financial gain through ransom payments or the sale of patient data on the dark web,” says Barry Mainz, Forescout CEO. “These devices may be 10 years old or more and you can’t secure them the same way you would more modern devices. Once they’ve been deployed it’s very difficult to update or patch the software, and that’s why they continue to be a prime target for cybercriminals.” 

Forescout research key findings include: 

  • The top three riskiest devices are critical to HDOs: DICOM workstations and PACS (32 percent critical unpatched vulnerabilities), pump controllers (26 percent critical unpatched vulnerabilities and 20 percent with extreme exploitability), and medical information systems (18 percent critical unpatched vulnerabilities) are the most at-risk medical devices and could lead to remote denial of service, information disclosure or remote code execution. 
  • Cybercriminals increase attacks against DICOM servers: Many organizations use unencrypted communications, allowing attackers to obtain or tamper with medical images from DICOMs, including to spread malware. From August 2022 to May 2024, exposed DICOM servers increased by 27.5 percent. From a honeypot running from May 2023 – May 2024, Forescout observed 1.6 million attacks on these servers, averaging one attack every 20 seconds. While most attacks are scans and automated attempts to exploit standard services such as HTTP, some aim to steal sensitive patient data. 
  • Windows systems are at risk: Half of the top 10 vulnerabilities are critical flaws in Windows systems that can lead to a full takeover of a device via remote code execution and could be exploited by malware if medical devices are online or connected to compromised networks. 
  • Devices lack anti-malware protection: Although 52 percent of IoMT devices are running Windows software, only 10 percent of all IoMT are actively running anti-malware. This is likely due to software and certification restrictions for embedded devices, making endpoint protection more challenging and highlighting the need for stronger network security. 

“Healthcare organizations will continue to face challenges with medical devices using legacy or non-standard systems,” says Daniel dos Santos, head of security research at Forescout Research – Vedere Labs. “A single weak point can open the door to sensitive patient data. That’s why identifying and classifying assets, mapping network flow of communications, segmenting networks and continuous monitoring are essential to securing growing healthcare networks.” 



October 31, 2024


Topic Area: Information Technology , Security


Recent Posts

17 Million Patient Records Stolen in PIH Health Ransomware Attack

A ransomware attack halted operations across three of PIH’s hospitals.


Holidays are Prime Times for Healthcare Cyberattacks

A study found that 86 percent of organizations that experienced ransomware attacks were targeted on a holiday or weekend.


Hartford Healthcare Forms Partnership to Open Health Equity Clinic

The new clinic will open in January 2025.


UCHealth Reveals Plans for Memorial Hospital North Expansion

Construction on the patient tower is slated for 2026 with a projected opening to patients in 2029.


What Are 'Hospi-tels'?

Hospitals and hotels are partnering to better cater to patients and families.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.