FDA Warns of Cyber Threats to Medical Devices
The Internet of Things includes a growing number of medical devices, from heart monitors to ventilators and multi-million dollar x-ray machines. More and more hospitals are connecting their equipment to the web in order to give healthcare practitioners access to real-time patient data, an increasingly valuable resource that can mean the difference between life and death.
This modernization is driving noticeable improvements in patient care, as vendors such as IBM are always quick to point out, but it also exposes patient data to cyber threats. Hospitals make particularly attractive targets for hackers due to the fact that medical records are in high demand on the black market.
The tremendous amount of risk associated with this trend has not gone unnoticed by the healthcare industry. The U.S. Food and Drug Administration recently released a note that outlines the threats faced by hospitals and medical device manufacturers, and lists some of the steps these organizations can take to reduce the chance of a security breach.
“Many medical devices contain configurable embedded computer systems that can be vulnerable to cybersecurity breaches. In addition, as medical devices are increasingly interconnected, via the Internet, hospital networks, other medical device, and smartphones, there is an increased risk of cybersecurity breaches, which could affect how a medical device operates.”
The document names several common security vulnerabilities, including the presence of malware on devices connected to hospital networks, lackluster access controls, unpatched software, and insecure off-the-shelf solutions. It recommends that device manufacturers limit unauthorized use of their products, protect individual components from exploitation, and build fail-safe mechanisms into their offerings. Lastly, vendors should incorporate data retention and recovery capabilities in their solutions.
The FDA advises healthcare providers to monitor network activity, perform routine evaluations of IT infrastructure, and contact device manufacturers when they identify potential security problems.
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
