2023-07-13 12:24:28
Connected medical devices create attack surfaces for cyber threats. A 2022 FBI report cited research showing that 53% of IoT and connected devices in hospitals had known vulnerabilities.
40% of end-of-life medical devices offer little or no updates or security patches.
Connected medical devices, also known as IoMT (Internet of Medical Things), can dramatically improve patient health while minimizing the potential for harm. Driven by technological advances, the IoT in healthcare market in Latin America was valued at US$6.51 billion in 2021 and is expected to grow rapidly at a CAGR of 24.30% during 2023-2028.
According to Fortune Business Insights, the global IoMT market will rise to nearly $188 billion by 2028, quadrupling in value from 2020.
The dangerous side of medical technology
Connected medical devices create attack surfaces for cyber threats. This possibility has already been explored in popular culture, since according to Marc Goodman, author of the book Future Crimes, describes how difficult it can be to investigate an attack on connected medical devices: “Evidence of medical device tampering may not even be located on the body, where the coroner is used to finding it, but rather might be thousands of miles away, across the ocean on a foreign computer server.” .
For Dean Coclin, Senior Business Director of Development at DigiCert.“There are many other, albeit less spectacular, ways that threat actors can infiltrate IoMT. Ransomware can crash hospital networks, preventing patient data from reaching infusion pumps. Breaking into a connected medical device can wreak havoc on other devices that depend on it, as patient data can be compromised.” A 2022 FBI report cited research showing that 53% of IoT and connected devices in hospitals had known vulnerabilities, that there are an average of 6.2 vulnerabilities per medical device, and that 40% of medical devices at the end of their lifespan they offer little or no updates or security patches. Given the myriad connections between different devices and networks, it is essential to protect and monitor connected medical devices with an upgradable security infrastructure.
The positive sides are undeniable.
Digital trust ensures that users can trust that the interactions, processes, and transactions they carry out are secure, as discussed in the IDC report, Digital Trust: The Foundation for Digital Freedom. For connected medical devices, incorporating digital trust into a device security strategy that may encompass the following:
Establishing device authenticity and preventing forgery: Digital certificates can securely authenticate device identity, preventing devices from booting or functioning if compromised. Encryption of private patient data transmitted wirelessly or over a network: Digital certificates can ensure both encryption and data integrity, preventing data theft or tampering by bad actors. Improve user confidence in device security: Secure device identity and operations can provide users with the confidence to incorporate devices that improve patient outcomes. Secure integration with other technologies that improve the accuracy of patient care: Connected medical devices can be securely integrated into protected systems that automate the accurate and timely delivery of medicines.
Providing digital trust
Not surprisingly, implementing digital trust strategies for IoT devices is rarely easy. But it is possible to successfully address them with the following tools:
Intermittent connectivity at manufacturing sites: Inconsistent factory connections dictate strategies that enable continuous delivery of digital certificates to finished parts or devices for continuous line operation, even during internet outages. Diverse product lines with different form factors and security needs: DigiCert IoT trust solutions enable centralized approaches to digital trust management, governing multiple types of certificate authentication and enrollment needs. This ensures consistency in architecture and policy while reducing the need for highly trained PKI experts to build custom security applications. Integration with cloud services: Cloud providers offer value-added services for IoT management however many require custom code development and API integration. This can eventually lead to an unsustainable level of maintenance. DigiCert IoT Trusted Solutions automate integrations with Azure IoT Hub and other cloud resources, so development teams can focus on their work instead of system integration.
“As the number of attacks on healthcare providers increases, it becomes more important than ever for IoMT device manufacturers to find a way to cement digital trust across all their product lines”added Dean Coclin.
In countries like the United States, organizations like the Food and Drug Administration now require medical device applications to provide reasonable assurance that the devices are protected, including providing the FDA with an invoice for software or materials used by the devices, and perform security updates and patches regularly and in critical situations. Digital trust architectures and strategies help IoMT device manufacturers meet these market and regulatory requirements.
1689258611
#benefits #dangers #medicine #digital #security