Networked medical devices are at an increased threat from cybercriminals in the throes of the COVID-19 pandemic according to an Interpol alert.
Cybercriminals are aware health systems are overwhelmed and vulnerable trying to keep up with the increased demand caused by the COVID-19 pandemic. Attacks on health systems have created the perfect storm for hackers and have increased significantly since the start of the pandemic.
Medical devices are easy entrance points into a hospital’s network, and exploiting a device’s weaknesses can allow hackers access to the more critical network elements. Devices can also be “bricked” and render them unusable.
Devices infected by ransomware can be disabled from performing critical functions resulting in patient harm, according to Justin Fier, director for cyber intelligence and analytics at Darktrace, a cybersecurity firm based in Washington, D.C. “Infusion pumps and CT scanners are “plugged into other systems and you have to assume that a fraction of those will be taken offline by something as destructive as ransomware,” he warned.
According to Interpol, cybercriminals are “using ransomware to hold hospitals and medical services digitally hostage; preventing them from accessing vital files and systems until a ransom is paid." The danger comes with the delay of a swift medical response needed to care for patients caused by being locked out of critical systems which could ultimately lead to deaths.
CEO at CynergisTek, a healthcare cybersecurity consulting firm, states, “the attack surface in healthcare, thanks to increasing uses of telehealth and remote patient monitoring during the coronavirus outbreak, has accelerated to a level we wouldn’t have expected to see over a 10-year timeframe.”
Because of previously known vulnerability, equipment connected to networks prior to the coronavirus outbreak is less of concern. The devices at temporary medical facilities and legacy devices are more at risk for cyberattacks. Legacy pumps were not subject to the same regulatory oversights they would face today and have been known to be hacked.
If a hacker can gain control over an infusion pump it can result in physical harm to a patient. Ransomware attacks on medical devices are not known to cause direct harm to a patient; typically they are about money.
Interpol has provided the following steps for hospitals to protect their systems from a ransomware attack:
- Only open emails or download software/applications from trusted sources;
- Do not click on links or open attachments in emails which you were not expecting to receive, or come from an unknown sender;
- Secure email systems to protect from spam which could be infected;
- Backup all important files frequently, and store them independently from your system (e.g. in the cloud, on an external drive);
- Ensure you have the latest anti-virus software installed on all systems and mobile devices, and that it is constantly running;
Use strong, unique passwords for all systems, and update them regularly.
AIV, Inc. is committed to providing high quality IV pumps, replacement parts, accessories and repair service for major infusion equipment manufacturers. Learn more about AIV’s wide selection of IV pump solutions at https://aiv-inc.com/infusion-pump-parts.html
About the Author
Laura Collier has a Bachelor’s Degree in Communications and a Master’s Degree in Business Administration from the University of North Florida. She is the Marketing Manager at AIV, Inc.