18 Feb As if Cyber Attacks Weren’t Dangerous Enough, Now They Can Kill You
We’re used to hearing about cyber-attacks for identity theft, financial gain, or simply to wreak havoc, but a recent research study discovered a breach in healthcare security can have deadly consequences. Once theoretical, hackers and terrorists can now target patients by changing or disabling network-connected medical devices, tapping into machines in patient rooms that control multiple medical devices and by altering diagnostic test results such as CT scans and MRIs.
According to The 2019 Healthcare Cybersecurity Report, medical records are actually more valuable than credit card data. Healthcare is now one of the most targeted sectors for cyber-attacks and data theft.
In April, Yisroel Mirsky, PhD, and colleagues in Israel created malware that could inject fake cancerous nodes, or remove real ones in imaging scans. In doing so, they proved a point to the medical and tech community about serious issues in the health cyber security field. The tests were done in real-time with 70 scans and 99 percent of the time, three expert radiologists diagnosed the fake cancer scans as legitimate ones. The implications of breaches like this are catastrophic. Healthy patients could receive treatments they do not need, or not receive required treatment, resulting in misdiagnosis, harm and possibly even death. We’re now well aware that the medical imaging system needs tighter security.
According to Medscape, in April 2018, the FDA recalled 465,000 pacemakers because of security vulnerabilities. This June the FDA issued a warning about some insulin pumps after they were recalled because of their potential to be hacked. If hackers gained access, they could change the insulin dose, give a bolus dose, or stop an infusion, turning insulin pumps into lethal weapons.
Hiring a dedicated IT department for your healthcare teams—from radiology to surgery—is not just important, it’s crucial. They consistently scan for vulnerabilities and be preemptive in the event of an attack or threat.
Santeka delivers extraordinary healthcare security talent to our clients, from cyber security analysts to informatics. We utilize the latest in innovative technology to find and deploy the most in-demand healthcare IT professionals in the space. Our cyber security experts possess HIPAA and PHI understanding to assess the vulnerabilities and risks specific to healthcare organizations.
We would love to connect with you to see how we can mitigate your risk to your practice and to your patients as well. Visit Santéka for more information.
Sources:
CT-GAN: Malicious Tampering of 3D Medical Imagery using Deep Learning: https://arxiv.org/pdf/1901.03597.pdf
https://www.herjavecgroup.com/2019-healthcare-cybersecurity-report/
https://go.armis.com/hubfs/Infographics/Armis-State-of-Enterprise-IoT-Security-INFO.pdf