The healthcare sector was on a steady track towards digitization and with the massive blow from the COVID-19 crisis it is all but leading the charge. Remote monitoring and other connected medical devices have made it possible for healthcare providers to exceed capacity limits, as the rest of the world realizes the crucial role they play in aiding response staff in enabling “smart” monitoring, timely care, and saving lives. But what happens after the pandemic and what does this mean for security?
The many on-hold non-essential and routine patient care services, like surgeries, will be rescheduled with urgency. This will continue the surge in Healthcare Delivery Organizations (HDOs) to heavily rely upon IoMT devices that support use cases such as remote device management and remote patient monitoring.
In 2020 alone, 40% of manufactured IoMT devices connected to healthcare networks, a jump from 20% in 2018, according to verbal customer validation by one of our customers. In fact, the Food and Drug Administration (FDA) approved 54 new medical devices last year like implantable nerve systems and automated external defibrillators (AEDs)1. Beyond the four walls of a healthcare delivery organization (HDO), Gartner’s IoT Healthcare 2021 Forecast Data is expecting 21% CAGR for healthcare device growth to 873 million in 2025.
With all this being said, one of the main drawbacks of IoT in healthcare is the lack of security by design, leaving the serious responsibility of protecting medical devices solely in the hands of HDO security teams.
The proliferation of unmanaged and unaccounted IoMT devices, their disparate nature, lack of security by design, dependence on unsupported operating systems, along with network and internet connectivity considerably widens the attack surface. Recent advisories, like this one on a TrickBot ransomware campaign, identify healthcare as a prime target for attackers, heightening the concern around IoMT. In 2020, Palo Alto Networks Unit 42 analyzed 1.2 million IoT devices located across enterprises and healthcare organizations, bringing to light some stunning facts and helpful tips on protection these devices:
Diving deeper, any exploited vulnerability in IoMT enables cybercriminals to take a number of malicious actions that include seizing control of the medical device, stealing sensitive patient health, personal, and insurance information (ePHI), stealing proprietary clinical records, obfuscating network traffic, disrupting healthcare delivery processes, ransoming the device to turn a profit, or just plain lateral movement into the IT network.
As damaging as these cyber activities can be, they’re the tip of the iceberg. Cybersecurity incidents aren't going anywhere and are bound to get more egregious as the world continues to grapple with the COVID-19 crisis and its aftermath. Healthcare organizations are in urgent need to proactively tackle IoMT security challenges head on.
The most basic step in securing IoMT begins with obtaining trusted visibility and classification of all IoMT devices across hospital networks, data centers, endpoints, remote clinics, and mobile assets. By doing this, healthcare IT teams will be empowered to take a proactive “prevention-first” approach instead of an “alert-only” reactive approach to keeping medical devices safe from potential threats.
At Palo Alto Networks, we are on a mission to relieve healthcare CISOs from the necessary burden of putting a robust medical device security strategy in place, freeing their organizations to focus on bringing about positive patient outcomes.
For more information and IoT security best practices your organization can deploy, read the full 2020 Unit 42 IoT Threat Report.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.