Authored by a Symantec employee
When it comes to the healthcare industry, hospitals and other facilities have a “patients first” mentality. Providing patients with top-notch medical services is always the No. 1 priority. Unfortunately, the same care is not always taken with their online information.
According to experts, the healthcare field is 200 percent more likely to experience data theft and undergoes 340 percent more Internet security breaches than any other industry. Threats to the security of network-connected medical devices are only likely to increase.
Digital Age Developments
As part of an ongoing pursuit to provide quality services to patients, healthcare facilities are now developing medical equipment to cater to the digital age. Devices are now mobile, following a person around the hospital or a home. They can also be implanted right under the skin. Yet, despite all of these perks, utilizing software and wireless technology creates security vulnerability when it comes to sophisticated online hackers.
These medical devices connect to the internet and a provider’s vast network, creating an open trail to data that appears under lock and key. TrapX’s recent report revealed at least three cases where hospitals experienced data breaches after their medical equipment was infected with malware backdoors. The malware then moved on to affect other network areas, blindsiding the hospital.
Another report found that a large healthcare organization in the United States recently exposed more than 68,000 medical systems, including pacemaker systems, anesthesia, cardiology, infusion systems, MRI scanners, nuclear medical, and picture archiving equipment.
Medical equipment typically lacks the built-in security that traditional servers and workstations have. Not only are they unable to ward off attacks, but they also cannot detect the threat. This equates to the industry not noticing ongoing security breaches, as well as not knowing the actual extent of the issue.
Hackers are continuously improving upon their crafts. Anyone can purchase a toolkit or hacker-for-hire if they want to implement an attack. As a result, one to two million malware viruses are being created daily.
Providing Protection for Patients
The healthcare industry needs to take extreme measures to secure its hardware. The U.S. Food and Drug Administration (FDA) has improved its rules for cybersecurity, which are aimed at aiding manufacturers of medical devices in managing cybersecurity risks. This calls for manufacturers to create built-in security for all of their devices at all levels.
Hospitals looking to get a handle on the security of their medical devices need to understand the scope and nature of the problem, thoroughly counting their mobile equipment inventory and any other type of data that is vulnerable. They also need to know where devices reside, who owns them, and how they are constructed.
Healthcare institutes should also bridge the communication gap between medical personnel and IT, enabling them to address security weaknesses.
Thankfully, both manufacturers and hospitals are waking up to the challenge. At the Center for Medical Interoperability, based in Nashville, TN, workers are organizing a medical device integration showcase that pertains to the security components of medical equipment integration.
With ever-changing technology, the healthcare industry is getting the upper hand on these security issues affecting their healthcare devices. With a boost in government support, hospitals and healthcare facilities will be better equipped to handle a security breach and protect their patients from valuable data and records being stolen.
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.
© 2017 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.