- Organizations are rapidly adopting mobile devices, which requires them to consider Internet of Medical Things (IoMT) security and what steps need to be taken to secure the devices.
Most IoMT devices, such as wearables and monitors, don’t appear to be high risk because they don’t function the same way as other mobile devices (i.e. laptops and smartphones). Many IoMT devices send signals to the network and don’t contain displays or interfaces that can be used to navigate the network.
However, these devices can be hacked and cyberattackers can use them to gain access to the network, putting patient data at risk.
A recent ZingBox survey revealed that over 90 percent of healthcare networks support IoMT devices and over 70 percent believe that traditional security solutions are sufficient enough to secure the IoMT devices.
"The survey results demonstrate the current state of confusion and misconceptions abound in the healthcare industry on how best to secure connected medical devices,” ZingBox CEO and Co-Founder Xu Zou said in a statement. “The need to gain a deeper understanding of the unique individual personalities of IoT devices remains a foreign concept to many. Unfortunately, you need to understand the device personalities to gain accurate visibility and protection."
"IoT technology presents special challenges to a healthcare organization's ability to protect itself from both insider threats as well as external cyber-attacks across a wide range of attack vectors, as demonstrated by the most recent WannaCry ransomware and NotPetya wiperware attacks,” Zou continued. “As these attacks continue to step to the forefront, companies deploying IoT devices need to be more cognizant than ever of their security measures."
The survey revealed that 76 percent of IT decision-makers are confident that all of the devices connected to the network are secure against outside attacks. Many of these entities are using the same security measures for laptops. Organizations believe that they can detect irregular network traffic down to malfunctioning infusion pumps sending the wrong signals.
"The results of the survey were sobering in terms of the risks the healthcare community faces," said May Wang, CTO and Co-Founder of ZingBox. "This is a tremendous opportunity to raise awareness of healthcare organizations regarding their perception of security and their need to consider modern techniques such as cloud, machine learning and real-time remediation across an organization's entire IoT footprint.”
“IoT requires a more thorough approach to constantly monitor for deviations in behavior and provide alerts for suspicious behavior."
Organizations deploying IoMT devices need to consider what the device is doing and how it connects to the network as they determine how to secure it.
Will the device store data on it? Will it be both sending and receiving signals? If the device is stolen can it be traced back to the data source? Who can access the device and how?
Security needs to exist in both the network and the device. Network security protocols need to be in place to detect abnormal behavior from IoMT devices.
For example, encrypting IoMT devices can protect them if they are lost or stolen.
Network wide monitoring solutions such as security information and event management (SIEM) can give IT administrators a much better view of the network and the different devices connected to it.
SIEM presents event data in a single view from security devices, network infrastructure, systems and applications, as well as log data and network packets. The event data is combined with context information on the user and network vulnerabilities.
Software-defined networking (SDN) is another way to gain more control over the network. SDN strips away the complexities of wireless hardware by consolidating management functions into a management server that dictates how data moves through the network. This allows IT administrators to retain more control over their networks and respond to demands on their networks more quickly.
Gaining better visibility of the network is important when it comes to IoMT devices. Many IoMT devices simply chat with the network by sending signals that will change if a patient’s status becomes life threatening or needs attention. The better visibility and control an organization has over its network, the faster it will be able to react to cyberattacks and detect potential threats.