162 vulnerabilities found in medical devices, patient data at risk: report
CALIFORNIA, UNITED STATES — Global cybersecurity firm Forescout Technologies recently released a report identifying 162 vulnerabilities in Internet of Medical Things (IoMT) devices.
These vulnerabilities pose significant risks to patient data and healthcare operations, emphasizing the urgent need for enhanced cybersecurity measures.
Critical vulnerabilities threaten patient data
The report analyzed over 2 million devices across 45 healthcare delivery organizations (HDOs), revealing that Digital Imaging and Communications in Medicine (DICOM) workstations, Picture Archiving and Communication Systems (PACS), pump controllers, and medical information systems are among the most vulnerable.
These devices are crucial to healthcare operations but often remain outdated and difficult to secure.
Cybercriminals exploit healthcare vulnerabilities
Hacking is the leading cause of data breaches in healthcare, with an average of 1.6 incidents reported daily in 2023. Cybercriminals target IoMT devices to steal sensitive patient data or disrupt services.
“The increasing prevalence of IoMT devices has introduced new cybersecurity risks,” said Barry Mainz, CEO of Forescout. “Once deployed, these devices are difficult to update or patch, making them prime targets for cybercriminals.”
Key findings: High-risk devices
- DICOM Workstations and PACS: Identified with 32% critical unpatched vulnerabilities.
- Pump Controllers: Found with 26% critical unpatched vulnerabilities and 20% with extreme exploitability.
- Medical Information Systems: Reported with 18% critical unpatched vulnerabilities.
These vulnerabilities could lead to remote denial of service, information disclosure, or remote code execution.
Alarming increase in DICOM server attacks
The report also noted a significant rise in attacks against DICOM servers. From August 2022 to May 2024, the number of exposed DICOM servers increased by 27.5%.
Forescout observed an average of one attack every 20 seconds on these servers. Many attacks aim to steal sensitive patient data through unencrypted communications.
Windows systems at high risk
Windows systems are particularly vulnerable, with half of the top ten vulnerabilities being critical flaws that could allow full device takeover.
Despite this risk, only 10% of IoMT devices run active anti-malware software, highlighting the need for improved network security measures.
Recommendations for healthcare organizations
Daniel dos Santos, Head of Security Research at Forescout Vedere Labs, emphasized the importance of asset identification and network segmentation. “A single weak point can open the door to sensitive patient data,” he stated.
Effective strategies include mapping network communications and continuous monitoring to secure healthcare networks.
Forescout’s report underscores the urgent need for enhanced cybersecurity measures in healthcare to protect patient safety and ensure operational integrity.
