On SAGE Insight: Insights on the Latest Attack Vectors (and Security Controls) for Medical Device Applications

From Journal of Diabetes Science and Technology

As medical devices gain the same kind of pervasive network and Internet connectivity that permeates the rest of our world today, patient care has never been better. The interconnectedness of implantable, wearable and, soon, even ingestible devices with diagnostic machines and Internet-driven applications opens up a whole new world of health care flexibility. As a result, the reach of the practitioner grows, putting consistent observation and control at their fingertips. At the same time, patients gain greater peace of mind and access to care. But with all of these benefits comes a darker downside that the industry can’t afford to ignore.

As it’s true for any revolutionary technology, for all of the technological advancement that has been poured into digital health care devices over the past decade, commensurate cybersecurity defenses have not kept up the pace. The lag has led to a huge protection gap in the medical device market, because many of the added features and development processes introduced in recent years put these devices at higher risk of potential attack. That largely has to do with a concept that information security professionals like to call “attack surface area.” This refers to the available functions in a system that can be used by the bad guys to break the system, make it behave in a way that was never intended or even to take complete control of the system.

There is a long, tough road ahead of the health care industry to address the breadth and scale of security issues troubling medical devices. There’s no silver bullet to the issue because the root causes behind them are complex and numerous.

As the complexity of connected medical devices accelerates, so too does the risk of inadequate cybersecurity design. Read more…


Ready or not, the Internet of things (IoT) is here. No longer just a buzz term, it’ll continue to grow at an unprecedented pace over the next few years expecting to reach over 25 billion connected devices by 2020. History shows us that most fast growth technology solutions focus on solving business problems first and security is an afterthought. Unfortunately, IoT is following the same trend. Most IoT devices, apps, and infrastructure were developed without security in mind and are likely going to become targets of hackers. According to some security experts, major cyberattacks against the IoT devices are looming. According to the FBI, criminals can gain access to unprotected devices used in home health care, such as those used to collect and transmit personal monitoring data or time-dispensed medicines. Once criminals have breached such devices, they gain access to any personal or medical information stored on the devices, as well as the power to change the coding that controls the dispense mechanism of medicines or health data collection. This can result in major health issues and potential loss of lives. Are organizations ready to protect themselves? What are the key vulnerable points? There are various steps that companies can take to raise the barrier. In this article, we’ll talk about the background, issues, potential attack vectors liable to be hacked, protection strategies, and more.

Read this article in full here

Article details
Think Like a Hacker – Insights on the Latest Attack Vectors (and Security Controls) for Medical Device Applications
Mandeep Khera, MBA,First
Published March 1, 2017 Research Article
DOI: 10.1177/1932296816677576
Journal of Diabetes Science and Technology



This entry was posted in Medicine, SAGE Insight and tagged , , , , , , , , . Bookmark the permalink.

Leave a Reply