The healthcare industry is experiencing a transformative shift to “Healthcare 4.0” driven by technologies such as cloud, 5G, AI/ML, blockchain, and IoMT, which will enable convenient, quick, and remote delivery of both diagnostic and disease prevention advice to patients, as well as teleoperation in the hospital and at home. IoMT and other emerging technologies will play a transformative role in modernizing healthcare networks and care delivery. These technologies power smart medical devices connected via communication media (Wi-Fi, Bluetooth, Internet to cloud). IoMT exchanges sensitive patient medical data and personal information with a central location, combining the digital and physical worlds to improve the speed and accuracy of diagnosis, treatment, and real-time monitoring.
While IoMT-driven modernization offers many benefits, it also presents new challenges for hospital chief information security officers (CISOs). Hospitals are home to many networked medical devices that are targeted by a variety of security threats. Healthcare systems must prioritize addressing the evolving threats posed by these connected devices.
Understand your unique threat landscape
A typical healthcare organization or hospital may have more than 20,000 connected devices, including IT, IoMT, IoT, and OT devices. In the hospital, guest users can use Wi-Fi access free of charge. Guests may connect to the same hospital network that critical medical equipment is connected to (in the case of a flat network), potentially giving cybercriminals access. The most common threats posed by IoMT devices include ransomware, intentional data theft (including protected health information), attacks on networks, and tampering with medical data that can impact patient health. This includes device tampering. Cybercriminal groups can also turn vulnerable hospital networks into money-making machines (e.g. through cryptocurrency mining). Attackers are becoming increasingly sophisticated at scanning the Internet for vulnerable systems ripe for exploitation, such as hospital networks and medical equipment.
Why IoMT environments lack cybersecurity
Addressing cybersecurity can be challenging due to the large number of different network-enabled devices within hospitals. These disparate IoMT devices may or may not be managed, and they often run an older OS, use an older browser, and connect via a wired or wireless network. Some devices include insecure protocols and default credentials. Medical devices that use default credentials are the weak link in the network. These devices exchange data in and out of the network through both proper and insecure protocols.
Patch management implementation is inadequate in many healthcare facilities. IoT medical devices often include static credentials (difficult to change), no encrypted communications, open ports, unknown services, and proprietary firmware. Lack of vulnerability identification and management creates even more problems. Installing security hardening agents on unmanaged devices is difficult due to device constraints such as insufficient memory, proprietary operating systems, and protocols. Existing IT-based vulnerability scanning tools that perform active scans are often not supported on these devices. Some devices also use non-standard protocols, making it difficult to identify vulnerabilities within the device.
Proven mitigation strategies for healthcare CISOs
Wipro has worked with many hospitals to develop cybersecurity strategies to protect IoMT healthcare networks and ensure HIPAA compliance. Key IoMT security strategies for hospitals include:
- Risk assessment. Security stakeholders can examine healthcare network posture against industry best practices and guidelines, identify gaps in IoMT cybersecurity policies, and identify managed and unmanaged IoMT assets exposed to the internet. However, you should understand that most IoMT devices use static passwords (passwords that do not change or are difficult to change), which poses obvious security risks.
- Network segmentation. Healthcare organizations must identify critical networks and create separate guest networks and hospital networks. Segmentation is a control strategy that affects all components of a Zero Trust architecture. Segmentation approaches should consider device classification based on functionality and vendor group, user security (external talent, remote vendor support, business associates), sensitive patient health data, and critical applications that save and sustain lives.
- Data security and privacy. Medical device gateways (which collect data from various devices) must be fully secure during production (in use), storage (at rest), and transmission (in transit). Organizations must restrict access to data to authorized parties. A mechanism to detect rogue devices/gateways on the network is also required.
- Harden and repair IoMT devices. Healthcare organizations should leverage a patch management platform that enables proactive and automated password strengthening, remediates default/weak passwords, automates enrollment in privileged access management (PAM) tools, and schedules password rotation, and should implement effective password management.
- Continuous threat and vulnerability identification platform. The platform should be completely passive and non-intrusive, providing complete visibility, classification, and vulnerability identification of assets. This platform should also be monitored for anomalous behavior and security.
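As an added illustration (not part of the original article or any Wipro tooling), the sketch below shows how the segmentation, rogue-device, and passive-identification strategies above can be checked against flow records that have already been collected, without actively scanning any device. The subnets, allowed segment pairs, inventory, and flow records are all constructed assumptions.

```python
import ipaddress

# Assumed segment plan (constructed for illustration; not from the article).
SEGMENTS = {
    "guest": ipaddress.ip_network("10.50.0.0/16"),
    "clinical": ipaddress.ip_network("10.10.0.0/16"),
    "iomt": ipaddress.ip_network("10.20.0.0/16"),
}
# Segment pairs (source, destination) that may talk when IoMT is involved.
ALLOWED = {("clinical", "iomt"), ("iomt", "clinical"), ("iomt", "iomt")}
# Cleartext services that should not be reachable on medical devices.
INSECURE_PORTS = {21: "ftp", 23: "telnet", 80: "http"}
# Constructed asset inventory of known IoMT devices.
INVENTORY = {"10.20.1.15": "infusion pump", "10.20.1.16": "patient monitor"}
# Constructed flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.50.3.7", "10.20.1.15", 80),     # guest Wi-Fi reaching a device
    ("10.10.4.2", "10.20.1.15", 443),    # clinical workstation, permitted
    ("10.10.4.2", "10.20.1.99", 23),     # telnet to an uninventoried address
    ("10.20.1.15", "203.0.113.9", 443),  # device talking to the internet
]

def segment_of(ip):
    """Map an address to its segment name, or 'unknown' if outside the plan."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return "unknown"

def audit_flows(flows, inventory):
    """Return (kind, src, dst, port) findings from passively observed flows."""
    findings = []
    for src, dst, port in flows:
        s, d = segment_of(src), segment_of(dst)
        # Any flow touching the IoMT segment must be an explicitly allowed pair.
        if "iomt" in (s, d) and (s, d) not in ALLOWED:
            findings.append(("segmentation", src, dst, port))
        # Cleartext management or data services exposed by a medical device.
        if d == "iomt" and port in INSECURE_PORTS:
            findings.append(("insecure-protocol", src, dst, port))
        # An address in the IoMT range that the inventory does not know.
        for ip, seg in ((src, s), (dst, d)):
            if seg == "iomt" and ip not in inventory:
                findings.append(("rogue-device", src, dst, port))
    return findings

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS, INVENTORY):
        print(finding)
```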
Important points
Hospital systems face difficult challenges. Emerging technologies are advancing in capabilities, benefits, and risks with speed and scale. Connected devices are more common than ever, both in healthcare facilities and in patients' homes. All of these devices pose a potential threat to hospitals and their patients. A comprehensive cybersecurity plan that extends from devices to networks with secure data pipelines is essential.