Opportunities & pitfalls in healthcare IoT
A recent report by Vodafone titled Better Health, Connected Health: How 5G and IoT Technology can Transform Health and Social Care found overwhelming support for the introduction and increase of digital technologies in the NHS, including 5G and IoT, as a way of streamlining healthcare and making it more affordable.
The Internet of Things (IoT) is described as a network of physical devices that uses connectivity to enable the exchange of data. In the context of healthcare, IoT, powered by the new and emerging 5G networks, can have potential benefits. These include clinicians using data-intensive augmented reality or virtual reality visualizations to help patients better understand a diagnosis or treatment and technologies that can help a specialist better analyze a patient's condition.
However, the use of IoT in healthcare is not without its pitfalls – by and large, IoT devices cannot be centrally managed, patched, updated, or secured. IoT devices are simple and functional and this makes them vulnerable to being exploited by cybercriminals.
Evan Dumas, Regional Director, Southeast Asia, Check Point Software Technologies, shares his insights on the opportunities and threats of IoT in healthcare, as well as tips on preventing ransomware attacks.
Benefits of leveraging IoT in healthcare
According to Dumas, some of the benefits of leveraging IoT in healthcare include decreased operational costs (through the use of IoT medical devices), better patient experience and reduction of errors. In terms of improving patient experience, IoT connected healthcare applications can offer remote monitoring and make physical spaces smarter and more integrated. The improved efficiency of operations, clinical tasks, and management of essential resources all contribute to the improvement in experience.
With real-time data and the possibility of analyzing the past treatments and diagnosis of a patient, smart healthcare systems using IoT can help to reduce errors. Treatment outcomes can also be improved as the data gathered by IoT healthcare devices are highly accurate and can help healthcare professionals make informed decisions. Similarly, IoT healthcare applications which provide ubiquitous monitoring systems can also be used for disease management and the improved data analytics can lead to better insights for better disease management.
Pitfalls in healthcare IoT
When it comes to securing IoT devices against cyberattacks, Dumas added that hospitals contend with unique challenges and characteristics. Firstly, there are on average 10 to 15 medical devices per bed, such as infusion pumps and respirators, but many of these devices were designed with little to no security in mind. Next, almost half of connected medical devices run on unsupported (or legacy) operating systems (OSs) that no longer receive security updates. These include ultrasound machines, MRIs and more, which makes them low-hanging fruit for cyberattacks such as ransomware.
Compromised electronic protected health information (ePHI) records are sold underground for hundreds of dollars per record, making them an attractive target. Hospitals spend an average of US$430 per record to mitigate each stolen medical identity. When hospitals wish to upgrade the OSs underlying their medical devices, this proves to be difficult due to operational considerations and the need to have devices retested and recertified for use.
Lastly, medical devices are not the only things that are vulnerable to compromise - smart office and building management systems (BMS) assets are also prime targets, whether as a segue into the hospital network or as a target for manipulation and takeover.
Monitoring and securing IoT devices, legacy OSs and health records
Dumas has a few suggestions regarding the securing and monitoring of IoT devices, legacy OSs and health records for healthcare organizations. It is important to ensure complete IoT device visibility and risk analysis; vulnerability mitigation and zero-day threat prevention, even on unpatchable devices; and intuitive Zero Trust network segmentation and management.
Having complete IoT device visibility and risk analysis will help identify and classify IoT devices on a given network. This is done through integration with leading discovery engines to expose risks such as weak passwords, outdated firmware and known vulnerabilities.
IoT devices should be ‘virtually patched’ to fix security flaws, even those with unpatchable firmware or legacy operating systems. It is key to identify and stop unauthorized access and traffic to and from devices and servers, and to prevent IoT-targeted malware attacks.
Applying and enforcing granular security rules across the entire IoT network fabric based on device attributes, risks and protocols will help ensure intuitive Zero Trust network segmentation and management. It is also important to support holistic security policy management in a single pane of glass for both IT and IoT networks.
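The device risk analysis and attribute-based segmentation described above can be sketched as a default-deny policy check. This is an added example, not code from Check Point or the original article; the inventory, device names, zone names and the "allow:inspect" verdict (a permitted flow forced through inspection, standing in for virtual patching) are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    kind: str               # device class reported by discovery
    os_supported: bool      # False = legacy OS without security updates
    default_password: bool  # True = weak/default credential found
    firmware_current: bool  # False = outdated firmware

# Constructed inventory (hypothetical names), as a discovery engine might report it.
INVENTORY = {
    "pump-01": Device("infusion_pump", True, False, True),
    "us-02": Device("ultrasound", False, False, False),
    "hvac-03": Device("bms", True, True, True),
}

# Allow-list of (device kind, destination zone, protocol); all else is denied.
# Zone names are hypothetical. tcp/104 is DICOM, udp/47808 is BACnet/IP.
ALLOW = {
    ("infusion_pump", "pump_server", "tcp/443"),
    ("ultrasound", "pacs", "tcp/104"),
    ("bms", "bms_controller", "udp/47808"),
}

def risks(dev):
    """Return the risk findings for one discovered device."""
    findings = []
    if not dev.os_supported:
        findings.append("unsupported_os")
    if dev.default_password:
        findings.append("weak_password")
    if not dev.firmware_current:
        findings.append("outdated_firmware")
    return findings

def decide(src_name, dst_zone, proto):
    """Zero Trust verdict for one flow: unknown or unlisted traffic is denied."""
    dev = INVENTORY.get(src_name)
    if dev is None:
        return "deny:unknown_device"
    if (dev.kind, dst_zone, proto) not in ALLOW:
        return "deny:not_allowlisted"
    # Risky devices keep their clinical flow, but only through inspection.
    return "allow:inspect" if risks(dev) else "allow"

if __name__ == "__main__":
    for flow in [("us-02", "pacs", "tcp/104"), ("hvac-03", "pacs", "tcp/104")]:
        print(flow, "->", decide(*flow))
```

The BMS controller reaching for the imaging archive is denied even though it is a known device, which is the lateral path from building systems into the hospital network that the article warns about.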
Common cybersecurity breaches/incidents and how to prevent them
“According to the recent findings of INTERPOL, the International Criminal Police Organization, threat actors have ramped up their attempts to pollute the IT networks of hospitals with ransomware even as the COVID-19 pandemic continues. The adverse outcome of such an incursion is not restricted to data damage or monetary damages to the organization. It also hinders quick medical response and has the potential to impact the physical well-being of the patients, making the situation a literal matter of life and death,” said Dumas.
He provides the following tips to help healthcare institutions ensure that they are less susceptible to ransomware attacks:
- Education: Training users on how to identify and avoid potential ransomware attacks is crucial. As many of the current cyber-attacks start with a targeted email that does not even contain malware, but only a socially-engineered message that encourages the user to click on a malicious link, user education is often considered as one of the most important defenses an organization can deploy.
- Continuous data backups: Maintaining regular backups of data as a routine process is a very important practice to prevent losing data, and to be able to recover it in the event of corruption or disk hardware malfunction. Functional backups can also help healthcare organizations to recover from ransomware attacks.
- Patching: Patching is a critical component in defending against ransomware attacks, as cyber-criminals will often look for the latest uncovered exploits in the patches made available and then target systems that are not yet patched. As such, it is critical that organizations ensure that all systems have the latest patches applied to them, as this reduces the number of potential vulnerabilities within the business for an attacker to exploit.
- Endpoint protections: Conventional signature-based anti-virus is a highly efficient solution for preventing known attacks and should definitely be implemented in any healthcare organization, as it protects against a majority of the malware attacks that a healthcare organization faces.
- Network protections: Advanced protections in the enterprise network such as Intrusion Prevention System (IPS), Network Anti-Virus and Anti-Bot are also crucial and efficient in preventing known attacks. Advanced technologies such as sandboxing can analyze new, unknown malware by executing it in real time and looking for signs that it is malicious code, and as a result block it and prevent it from infecting endpoints and spreading to other locations in the organization. As such, sandboxing is an important prevention mechanism that can protect against evasive or zero-day malware, and defend against many types of unknown attacks on the organization.