Washington, Jan 20 (IANS) More than half of connected medical and other Internet of Things (IoT) devices in hospitals are vulnerable to cyber crimes, according to a report.
These internet-connected devices could put patient safety, confidential data, or the usability of a device at risk.
The report, from the US-based healthcare cybersecurity company Cynerio, is based on an analysis of over 10 million IoT and IoMT devices collected from current Cynerio implementations at over 300 hospitals and other healthcare facilities in the US and around the world.
The report shines a light on the sorely under-addressed risks, threats and security issues related to IoT and related devices within healthcare environments.
“With hospitals under an unprecedented amount of strain from both the pandemic and the explosion of ransomware attacks on healthcare facilities, it has never been clearer that digital safety and patient safety are intimately intertwined,” the report said.
“Protecting the devices providing the care patients depend on is ultimately about safeguarding their health, safety and well-being,” it added.
The findings showed IV pumps, which makes up 38 per cent of a hospital’s typical healthcare IoT footprint, are the most common healthcare IoT devices.
If exploited by hackers, 73 per cent of the IV pumps can jeopardise patient safety, data confidentiality, or service availability, the report said.
A third of bedside healthcare IoT devices, the devices closest to patient care that patients most depend on for optimal health outcomes, also have an identified critical risk.
Further, most healthcare IoT devices are used regularly, making them difficult to securely update.
Almost 80 per cent of healthcare IoT devices get used monthly or more frequently, giving them little downtime for hospital security teams to analyse them for risks and attacks.
The report also found many healthcare IoT devices are running on outdated Windows versions — even older than Windows 10 — in critical care sectors.
“This leaves patients connected to those devices vulnerable, since those older versions of Windows are already past the end of life and replacing the machines they run on will still take several years in most cases,” the report said.