IoT Security Issues in Healthcare
IoT offers vast benefits in the healthcare sectors, like monitoring patients closely with data generated by analytics. Unfortunately, an increased flow of data also brings risks like causing harm to patients’ safety and health. However, healthcare departments have started addressing such IoT security issues. Usage of connected devices is growing day by day in the healthcare sector. Global medical device market is estimated to reach $4059.5 billion by 2023, and its CAGR growth is expected to increase by five percent from 2018 to 2023.
A rise in the usage of IoT based medical devices led to the rise of hacking medical devices which have catastrophic consequences. DDoS (distributed denial of service) is an attack used to target a single system causing a denial of service, further leading to crash of the system. To operate such attacks, malicious botnets are used. Recently, the source code of a botnet malware was publicly released. Since then, according to the internet provider Level 3 Communications, the total number of IoT devices infected by Mirai malware had increased to 493,000 from 213,000. Billy Rios, a security researcher, proved that he could remotely administer a lethal dose through an insulin pump. Such IoT devices may leave some patient’s data vulnerable to hacker and may harm them. This issue is not solely in the hands of device makers but also in clinics and hospitals. FDA has issued formal guidelines on this issue, framing recommendations on how medical device manufacturers should take cyber-security attacks into account.
Availability of technically skilled cyber-security employees is the biggest challenge for organizations. According to Cybersecurity Ventures, it is estimated that about 3.5 million unfilled positions will remain by 2021. By leveraging machine learning, the security concerns in IoT can be reduced. Cyber threats can be predicted in prior and counteract can be programmed against the attack by using machine learning tools. As machine learning can detect activity on network and endpoints in real time, hospitals or clinics can be equipped with all-inclusive enterprise detection and protection technology that enables monitoring across all devices.
There are no known cases so far, in which hackers have attacked a pacemaker, but researchers proved that it is possible. Devices can enter into the healthcare environment through any mode; many times, their means of entrance are unknown. First, it is essential that businesses ensure that their staff is aware of security threats and their impacts. By integrating proper cyber-security measures, hospitals can better safeguard both its patient data and infrastructure from attacks.