Network Security, Vulnerability Management

Healthcare needs to defend devices, apps. Stat!

Healthcare facilities are focusing their defensive efforts in the wrong place by primarily trying to protect patient information while ignoring other avenues of cyberattack against medical devices and applications.

A 71-page report by Independent Security Evaluators (ISE) that studied healthcare facilities, data centers, medical devices and software applications for cyber weaknesses found that medical facilities not only defend mainly against single and small groups, while underestimating the potential threat posed by terrorist and nation-state cybercriminals, but also use antiquated equipment and procedures.

ISE ran a series of attacks and found it was a simply matter to crack a hospital's network enabling it to manipulate medical gear in a way that would endanger the patient. Another attack mode had teams placing malware-laced USB sticks in the facility that were picked up and inserted into medical equipment by staffers and found that within 24 hours the planted malware had appeared in the system.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.