Internet of Medical Things (IoMT) devices have been propagating in the field of healthcare. The addition of health technology equipment has been a big boost to the industry by mainly helping the professionals in doing their tasks. In return, the patients would receive comfortable treatment for this cause.
Although the adoption of modernity has reached even the far-flung areas, the presence of these devices remains hot in the eyes of cyberattackers. The hospitals are not only dealing with the patients--these times, they are also fighting the cybercriminals who are always on the lookout to exploit the vulnerable healthcare systems.
What are IoMT Devices?
Last year, a Cisco blog wrote that on average, a hospital has 15 to 20 IoMT devices. If you are not familiar with them, they could be in the form of a smart bed, an IV pump, an MRI machine, a ventilator, a monitor, and other health tech devices. Smartwatches are also considered under the same category.
In a Netscout Threat report two years ago, these devices were very prone to cyberattacks and hackers could penetrate their systems in under 10 minutes given that they are linked to the internet. An alarming rate of attacks attributed to 63% had been recorded in 2019.
This showed that hackers could exploit the healthcare systems by surprise like in the case of a ransomware attack done by the Conti gang. What made it worse for the hospitals is the outdated systems that still continue in operation. Despite their aging usage, the institutions only contributed to the vulnerability of the IoMT devices.
The Role of Firmware in Attacking IoMT Devices
According to Forescout's findings this year, there is a WRECK bug firmware that gives the cybercriminals an easy pass to control the medical devices even without the internet--or through offline.
The biggest challenge that attackers could face is determining the number of devices that need to be controlled. Since the systems of the devices vary, not all devices can be easy to infiltrate. It depends on the manufacturer if they could easily patch it during their operations.
These problems should be addressed by the healthcare sector. For now, here are some of the steps to secure the IoMT devices, according to Health Tech magazine.
1. IT teams should be knowledgeable about IoMT devices
Of course, the security experts should be well-versed in the information about the operating systems of the devices. They should also be aware of what is really happening to their networks. On top of that, they should have a good grasp of what's inside their inventories so they could conduct a thorough evaluation of possible cyberattacks.
They should also run regular testing and assessment so that they could know the potential threats that could come and how to prepare for them.
2. Strong Passwords
Like any other system, IoMT devices should be safe-guarded with strong passwords so hackers could have a hard time unlocking them. For instance, the popular Mirai malware has infected many IoT devices with a weak passcode. For this reason, many industries have ordered their IT systems to adopt a two-factor authentication paired with an extremely strong password for their devices.
3. Network Segmentation
Each device should have a network that has a corresponding security policy. For that part, healthcare systems could prevent the spawning of malware by segmenting the networks from others. In this way, exposure to the potential virus can be avoided.
4. Device Patching
Industries should be aware that well-planned patching will bar the attackers from their operations. Always safeguard the IoMT devices by updating your firmware and software. Make sure to regularly do this to prevent vulnerability attacks.
5. Active Monitoring of Network Traffic
IT experts should always look after the network systems' conditions for possible vulnerabilities. Always check the activities of the networks and if there is a suspicious case, the firm should have first-hand knowledge on how to halt it. Prevention is always better than cure.
This article is owned by Tech Times
Written by Joseph Henry