Secure your distributed medical devices with robust machine identity management
Mon, 07/11/2022 – 16:49
Healthcare organizations are increasingly targeted by criminals
The healthcare industry continued to be one of the most targeted sectors in 2021, witnessing a 51% increase in offenses since 2019. While patient privacy has always been a common breach concern for healthcare organizations, a new study has found that cyberattacks in the industry can have devastating effects on patient safety as well.
Many organizations have reported that healthcare ransomware attacks have caused longer hospital stays and delays in procedures and tests, resulting in poor outcomes, including increased patient mortality. Respondents also reported an increase in the number of patients being redirected to other facilities and an increase in complications from medical procedures due to ransomware attacks.
In 2020 alone, 560 healthcare facilities in the US were reported as victims of ransomware attacks in 80 different incidents. These attacks resulted in:
- Theft of large amounts of Protected Health Information (PHI) and other sensitive data
- Electronic health records (EHRs) rendered temporarily inaccessible and, in some cases, permanently lost
- Delayed procedures, tests and treatment
Connected medical devices are vulnerable
More than half of internet-connected devices used in hospitals have a vulnerability that could put patient safety, confidential data or a device’s usability at risk, according to a new report from healthcare cybersecurity company Cynerio. The report analyzed data from more than 10 million devices in more than 300 hospitals and healthcare facilities around the world, which the company collected through connectors attached to devices as part of its data security platform.
The most common type of internet-connected device in hospitals was an infusion pump. These devices can remotely connect to electronic medical records, extract the correct dosage of a drug or other liquid, and dispense it to the patient. Infusion pumps were also the most likely devices to have vulnerabilities that could be exploited by criminals: 73% had a vulnerability. Experts fear that breaches in devices like these, which are directly connected to patients, could be used to harm or threaten them directly.
The most worrying threat comes from ransomware groups that enter hospital systems through a vulnerable device and lock down hospital digital networks, preventing doctors and nurses from accessing medical records, devices and other digital tools, and demand a ransom to unlock them.
Lack of authentication creates man-in-the-middle risks
Another report from Kaspersky Laboratories found 33 vulnerabilities in the most widely used data transfer protocol for Internet of Things (IoT) medical devices, known as MQTT. That is 10 more than the previous year, and these vulnerabilities put patient data at risk.
MQTT is a common solution in most IoT gadgets including medical devices. As Kaspersky researchers point out, authentication is not required and encryption is rare, making devices with MQTT vulnerable to man-in-the-middle attacks and data theft.
Healthcare Organizations Need to Invest in Machine Identity Management
The wide range of threats facing healthcare organizations demands a rapid response. As a result, healthcare institutions are investing in cybersecurity solutions. According to the most recent study by Global Market Insights, the healthcare cybersecurity market size is expected to reach an all-time high valuation of $35.5 billion by 2027. medical devices represents 21.5% of total investments. This increased investment is driven by two factors: the expanded attack surface and regulatory compliance.
The best way to secure medical devices is through comprehensive machine identity management. Machine identities identify and authenticate the various devices connected to the organization’s network. By using unique identities for each connected device, healthcare organizations can validate the authenticity of the device and ensure the integrity of its communications with other medical devices.
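The MQTT weaknesses described earlier (no required authentication, rare encryption) and the per-device identities recommended here can both be checked on the broker. The following is an added example, not part of the original article or any vendor's code: it audits a Mosquitto-style broker configuration for listeners that lack TLS, accept anonymous clients, or do not require a client certificate. The choice of Mosquitto, the sample configs and the file paths are assumptions, and option scoping is simplified to per-listener.

```python
# Added example (not from the original article). Sample configs and the
# file paths inside them are constructed for illustration.
WEAK_CONF = """\
listener 1883
allow_anonymous true
"""

HARDENED_CONF = """\
listener 8883
cafile /etc/mosquitto/ca/device-ca.crt
certfile /etc/mosquitto/certs/broker.crt
keyfile /etc/mosquitto/certs/broker.key
require_certificate true
use_identity_as_username true
allow_anonymous false
"""


def parse_listeners(text):
    """Return one {option: value} dict per `listener` block.

    Simplification: options placed before the first listener are copied into
    every listener; options after a listener line belong to that listener.
    """
    defaults, listeners, current = {}, [], None
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key, value = parts[0], (parts[1].strip() if len(parts) > 1 else "")
        if key == "listener":
            current = dict(defaults, port=value.split()[0] if value else "?")
            listeners.append(current)
        else:
            (current if current is not None else defaults)[key] = value
    return listeners


def audit(text):
    """Return (port, finding) tuples for listeners missing encryption or device authentication."""
    findings = []
    for lst in parse_listeners(text):
        tls = "certfile" in lst and "keyfile" in lst
        if not tls:
            findings.append((lst["port"], "no TLS: traffic can be read or altered in transit"))
        if lst.get("allow_anonymous") != "false":
            findings.append((lst["port"], "anonymous access not explicitly disabled"))
        if tls and lst.get("require_certificate") != "true":
            findings.append((lst["port"], "no client certificate required: devices are not identified"))
    return findings
```

With `require_certificate` and `use_identity_as_username` set, the broker accepts only devices presenting a certificate issued by the configured CA and uses the certificate's identity as the MQTT username.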
To leverage machine identities, the respective private keys must be protected. Using a hardware security module (HSM) is the best way to provide tamper-proof hardware security of secret private keys. If the private key is compromised, the whole identity structure of the machine crumbles like a castle in the sand.
In addition to having secure and robust machine identities, healthcare organizations must validate the authenticity and integrity of the software operating in connected medical devices. The code signing process verifies that a software component is valid and authenticates the identity of the developer. Code signing also demonstrates that the code has not been modified or altered since its release.
Venafi Trust Protection Platform is the machine identity management solution that will enable healthcare organizations to take advantage of IoT devices while protecting TLS keys and certificates, SSH keys, and code signing keys across their enterprise. The Trust Protection Platform powers enterprise solutions that give you the visibility, intelligence, and automation needed to protect machine identities across your organization. To learn more, contact one of our experts.