Looking inside the threats to connected medical devices

An ethical hacker is helping healthcare IT managers understand how hackers approach their targets and how to stop them.
By Gus Venditto
07:23 AM

Memories of the May WannaCry attacks have started to fade but the threat to healthcare systems is not going away. In fact, while the risk has been seen mostly in IT administrative systems and EHRs, many believe that the threat to medical devices is even greater.

The growth of IoT systems throughout the healthcare landscape is one reason for this change in the landscape. Security is not always built into medical devices. A recent TrendMicro report found more than 36,000 healthcare devices were easily discoverable using Shodan, the public able search engine available for discovering Internet-connected devices.

A strong defense will require more than simply maintaining a firewall and keeping software security patches up to date.

[Also: Webinar: Preventing and dealing with ransomware attacks]

Kevin Johnson, a noted ethical hacker and president of Secure Ideas, says “it is critical that organizations understand how these attacks work.”

Johnson will be speaking on Thursday, June 15 in the HIMSS Learning Center, explaining how hackers are approaching their targets in order to give healthcare IT managers more ammunition in their defensive strategies.

[Also: Unsecured medical devices: Healthcare's new warning call]

“Once the [hacker view] is understood, “ Johnson said, “then the detection and prevention becomes part of the normal operations. “

In his presentation, "Preventing and Dealing with Ransomware Attacks: How to Keep Your Data Safe," Johnson will describe how common attacks are developed and demonstrate the issues they create. The session will be recorded and will be available for listening on demand at the HIMSS Learning Center.