The increased demand for connected health devices is driven by several factors, including remote, home-based care needs for chronic conditions in a growing elderly population. These devices have been shown to increase the quality and effectiveness of health care.
As the use of IoT devices spreads throughout the healthcare sector, though, stronger IoT device security is needed to ensure patient safety. The importance of securing connected health devices will only increase as cyber-criminals work harder both to exploit known vulnerabilities and to discover new ones.
Here are a few of our (admittedly cybersecurity-based) thoughts on connected medical devices.
Will Rewards Outweigh Risks?
Connected health devices have revolutionized healthcare and can help reduce the cost of care. But because of their increased use, the healthcare industry is expected to face increasingly numerous cybersecurity threats in the coming years, with connected health devices serving as exposed attack surfaces. Somewhat paradoxically, then, the use of connected health devices increases risks that could jeopardize the health and well-being of patients, despite the rewards that such usage promises.
In “The Healthcare Internet of Things: Rewards and Risks,” The Atlantic Council and Intel Security outline four categories of networked medical devices that can place consumers at risk.
- Consumer products for health monitoring, e.g. FitBit bands that use Bluetooth to communicate with personal mobile devices
- Wearable, external medical devices, e.g. portable insulin pumps that use proprietary wireless protocols for communication
- Internally embedded medical devices, e.g. implanted pacemakers that communicate wirelessly via Bluetooth or proprietary wireless protocols
- Stationary medical devices, e.g. homecare cardio-monitoring or hospital-based chemotherapy dispensing stations that connect wirelessly to WiFi networks in patient homes or hospitals
The report also highlights several notable risks for connected medical devices:
- Unlike mobile phones and tablets, which run on standard technologies (e.g. iOS or Android, 3G or 4G plus WiFi, or WiFi only), connected medical devices lack standard operating environments, protocols and architectures.
- The programming languages used for device software vary, and both hardware and software technologies tend to be older to help simplify maintenance of these medical devices. Because the hardware and code are older, they are more likely to contain vulnerabilities known to hackers.
- There is a lack of rigorous access control, as device makers tend to use embedded credentials that allow emergency access to their devices, which poses a considerable risk to users. We here at ReFirm have found several instances ourselves where device manufacturers have left passwords and other credentials exposed in firmware.
- Many connected medical devices lack flexible maintenance and updating features. Despite the speed with which makers have been able to implement new features, these devices will remain unpatched and vulnerable if updating them is too difficult or complicated for end users.
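As an added illustration of the embedded-credential risk above (this is example code, not code from the report or from ReFirm Labs), the following audit walks an already-extracted firmware root filesystem and flags account entries with real password hashes, private keys shipped inside the image, and plaintext credential assignments in configuration files. The lock markers, credential key names and the sample image are constructed assumptions for the demonstration.

```python
import re
import tempfile
from pathlib import Path

LOCKED_MARKERS = {"", "x", "*", "!", "!!"}  # hash fields that mean "no usable password"
PRIVATE_KEY_RE = re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")
# key = value / key: value lines whose key looks like a credential (illustrative list)
CRED_ASSIGN_RE = re.compile(r"(?i)^\s*(?:pass(?:word|wd)?|secret|token|api_key)\s*[=:]\s*\S+")

def scan_account_file(rel, text):
    """Flag passwd/shadow entries that carry a real hash instead of a lock marker."""
    findings = []
    for ln, line in enumerate(text.splitlines(), 1):
        fields = line.split(":")
        if len(fields) >= 2 and fields[1] not in LOCKED_MARKERS:
            findings.append((rel, ln, f"account '{fields[0]}' has an embedded password hash"))
    return findings

def scan_firmware_root(root):
    """Walk an extracted firmware rootfs; return (path, line, issue) tuples, line 0 = whole file."""
    root = Path(root)
    findings = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        text = path.read_text(errors="replace")  # tolerate binary content
        if rel in ("etc/passwd", "etc/shadow"):
            findings.extend(scan_account_file(rel, text))
            continue
        if PRIVATE_KEY_RE.search(text):
            findings.append((rel, 0, "private key shipped inside the image"))
        for ln, line in enumerate(text.splitlines(), 1):
            if CRED_ASSIGN_RE.match(line):
                findings.append((rel, ln, "plaintext credential in config"))
    return findings

def build_sample_image():
    """Constructed stand-in for an extracted rootfs (not a real device image)."""
    root = Path(tempfile.mkdtemp(prefix="fw_"))
    files = {
        "etc/passwd": "root:x:0:0:root:/root:/bin/sh\nservice:x:100:100::/:/bin/false\n",
        "etc/shadow": "root:$6$saltsalt$CONSTRUCTEDHASH:18000:0:99999:7:::\nservice:*:18000::::::\n",
        "etc/app.conf": "host = 10.0.0.1\n# password is set at provisioning\npassword = factory-default\n",
        "etc/ssl/device.key": "-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTEDKEYBODY\n-----END RSA PRIVATE KEY-----\n",
    }
    for rel, content in files.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(content)
    return root
```

Running `scan_firmware_root(build_sample_image())` on the constructed image reports the root account's shadow hash, the baked-in key and the plaintext config password, while the locked service account and the commented-out line are left alone.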
Changes Needed, Including Secure-By-Design
Manufacturers of connected health devices need to take a more proactive approach toward reducing the security risks associated with healthcare IoT devices. In “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,” the Food and Drug Administration requested that connected health device makers submit information regarding any identified risks and what controls have been put in place to mitigate known risks. Although this document dates to late 2014, its guidance is still relevant to today's connected medical device marketplace: device manufacturers should adopt “secure-by-design” principles when creating future connected health products. Trying to add security features after a device's initial rollout is costly, and, as mentioned above, once devices have been transferred to patients it becomes more difficult to secure them -- leaving consumers always a step or more behind the bad guys.
Addressing Risks of Connected Health Devices
Because stricter regulation has yet to be promulgated for connected health devices, and because consumers often do not or cannot update devices themselves, the onus falls on hospitals and other healthcare providers. The Atlantic Council report estimates that approximately $64 billion could be saved in healthcare costs over the next 15 years, but notes that these savings come at a cost. Healthcare providers have been left to address the potential failures or risks of connected health devices that could jeopardize the safety of their patients and the security of their network environments. If a breach of patient privacy were to occur, patient and public trust would be eroded and costs to healthcare providers would skyrocket.
Indeed, the potential threats faced by healthcare providers are numerous:
- Disruption of care
- Stealing of data to be used for extortion, blackmail, medical identity theft or fraud
- DoS attacks
- Destruction of data
- Ransomware that could bring care to a standstill
- Targeting of specific classes of networked medical devices
- Threat of targeted killings by hacktivists or terrorist groups
Given the variety of risks, then, healthcare providers must evaluate new connected medical devices to ensure they are capable of securely storing and transmitting data, accepting security updates for operating software and firmware, and properly using APIs that ensure a secure connection. These same procedures also need to be followed in hardening healthcare provider networks and IT infrastructure.
Mitigating Risks for Connected Medical Devices
The threat to connected medical devices is obvious. What might not be so obvious is what to do about it if you're a healthcare provider prescribing or using these devices -- but do something you must. If your healthcare organization uses connected health devices, then you should be aware of the benefits of using Centrifuge Guardian, part of the Centrifuge Platform, from ReFirm Labs. Centrifuge Guardian continuously monitors device firmware to proactively alert you whenever new threats impact your network, computers, peripherals and connected health devices.
If you'd like to see a demo of what Centrifuge is, and everything it can do to help you secure your healthcare organization and its connected medical devices, we'd love to show you.