One of the broad macro-trends in the tech industry is the “Internet of Things,” a world in which everything we own could theoretically be connected to the internet. One area that has seen an explosion of connectivity is the medical device sector, frequently referred to as Medical IoT, or MIoT. 10 billion connected devices are currently used in the healthcare industry worldwide – a number expected to rise to 50 billion over the next decade.
While there’s no doubt this kind of always-on connectivity can bring many health benefits, the downside is that it also opens up unprecedented cybersecurity challenges as millions of medical devices such as pacemakers are suddenly connected to the internet. Indeed, there is a scene in the well-known Netflix series “Homeland” where one of the main characters actually hacks the pacemaker of the U.S. Vice-President, causing him to die from a heart attack. While this may seem far-fetched, it’s not entirely out of the realm of possibility as many medical devices are not developed with cybersecurity in mind.
According to a survey from the Israeli MIoT cyber firm Cynerio, “53% of connected medical and other IoT devices in hospitals have a known critical vulnerability, including a third of the bedside devices that patients most depend on for optimal health outcomes.” Shockingly, Cynerio found that a majority of medical devices used by oncology, pharmacology and lab departments run on Windows operating systems that have passed their end of life dates, meaning that Microsoft no longer support these outdated OS’ with patches to known vulnerabilities.
Luckily, there are several excellent Israeli cyber firms that have solutions specifically targeted at protecting medical devices:
Cynerio Cynerio is focused on ensuring patient safety and data protection by securing the connected medical device ecosystem. The companys custom solutions for healthcare providers combine behavior learning with medical workflow analysis to provide full visibility into medical device behavior and activity on the network, detect anomalies, and stop threats in order to ensure patient safety and data protection.
CyberMDX (acquired by another Israeli cyber firm Forescout) CyberMDX delivers network visibility and threat prevention for medical devices and clinical assets. CyberMDX’s MDefend solution for monitoring and managing the security of connected devices ensures operational resilience while protecting patient and data safety. CyberMDX offers continuous network endpoint discovery, comprehensive risk assessment, and AI-assisted containment and response measures. CyberMDX was borne from the mission to help keep the most vulnerable elements of society safe from cyber exploitation.
Medigate by Claroty Medical-device security platform protecting connected medical devices on healthcare provider networks. Medigate delivers complete visibility into devices and risk, detects anomalies, and actively blocks malicious activities. Medigate enables providers to ensure the delivery of critical treatment and the protection of patient information.
Sternum Sternum provides unparalleled protection for Internet of Medical Things (IoMT) and Connected Medical Devices, combined with the most advanced observability capabilities. Sternum covers the entire medical IoT device lifecycle – from design, development and testing to deployment and maintenance.
Terafence Many medical devices today have integrated network connection and RF communication capabilities to enable the outflow of collected data, software updates, and control and adjustment of the device. Unauthorized access to such life-support and diagnostic systems may have fatal consequences and raises serious patient privacy concerns. Terafence protects the public from such threats.