Medical Device Cybersecurity
The world of cyber risk continues to develop and expand since our May 2016 paper on Medical Device Cybersecurity.1 The threat of ransomware has come to the forefront as demonstrated by global attacks such as Wannacry2 and Petya. These attacks show how hackers have become more sophisticated in their ability to use malware to exploit vulnerabilities in systems, hardware and devices, as well as highlighting the vulnerabilities of devices and systems that, through their lack of patching and support, and outdated operating systems, are exposed to hacking, worms, etc., that can affect patient safety, system security and data integrity.
The number of connected devices in the Internet of Things (IoT) continues to grow, both globally and within the healthcare industry, expanding the playing field for hackers. Many of those devices, even new ones, are not supported by the device manufacturer in terms of software security and updates. These vulnerable devices help to spread attacks quickly and efficiently.