Printer Friendly, PDF & Email

'Ecosystem' of Connected Devices Heightens Cybersecurity Risk

In a version of the future that hopefully never comes, malware is able to remove malignant-looking tumors from CT or MRI scans before they were reviewed by radiologists. The malware, which was part of an ethical hacking study by Israeli researchers, tricked three radiologists into misdiagnosing conditions virtually every time.[1] These types of attacks may be facilitated in part by insecure code that’s prevalent in connected health devices. For example, an MRI machine typically has seven million lines of code, and programmers make, on average, 10 to 50 errors for every 1,000 lines of code.

“The errors in the code create vulnerabilities in the software that hackers and cybercriminals can then use to facilitate a cyberattack,” said attorney Bethany Corbin, with Nixon Gwilt. “That’s a lot of vulnerability to take into account when creating a cybersecurity strategy.” It’s one example of how connected health devices pose a risk to patients and the organizations that treat them, raising the stakes for mitigation strategies, including endpoint security and vendor audits, she said at a May 9 webinar sponsored by the Health Care Compliance Association.[2]

Connected health devices facilitate communication across platforms and the internet, enabling the transfer of data through a wireless infrastructure, she explained. Connected medical devices, also called the Internet of Medical Things (IoMT), are a subset of connected health.

This document is only available to subscribers. Please log in or purchase access.

Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field