We use cookies to understand how you use our site and to improve your experience. This includes personalizing content and advertising. To learn more, click here. By continuing to use our site, you accept our use of cookies. Cookie Policy.

Features Partner Sites Information LinkXpress
Sign In
Advertise with Us

Download Mobile App




Weak AI security Exposes IoT Medical Devices to Risk of Cyberattacks

By HospiMedica International staff writers
Posted on 18 May 2019
Print article
Image: With cyberattacks a major challenge for companies, stronger AI solutions can help to prevent them (Photo courtesy of e3zine).
Image: With cyberattacks a major challenge for companies, stronger AI solutions can help to prevent them (Photo courtesy of e3zine).
The proliferation of healthcare internet-of-things (IoT) devices, along with unpartitioned networks, insufficient access controls and the reliance on legacy systems has exposed a vulnerable attack surface that can be exploited by cybercriminals determined to steal personally identifiable information (PII) and protected health information (PHI), in addition to disrupting healthcare delivery processes. These findings published by Vectra AI Inc. (San Jose, CA, USA) in its Vectra 2019 Spotlight Report on Healthcare underscore the importance of utilizing machine learning and artificial intelligence (AI) for detecting hidden threat behaviors in enterprise IT networks before cybercriminals have a chance to spy, spread and steal.

The report by Vectra AI, which applies AI to detect and respond to cyberattacks in real time, is based on observations and data from the 2019 RSA Conference Edition of the Attacker Behavior Industry Report that reveals behaviors and trends in networks from a sample of 354 opt-in enterprise organizations in healthcare and eight other industries. According to the report, gaps in policies and procedures can result in errors by healthcare staff members such as improper handling and storage of patient files, which is a soft spot for cybercriminals targeting global organizations and industries and looking for weaknesses to exploit.

The report found that hidden HTTPS tunnels were the most prevalent method used by attackers to hide command-and-control communications in healthcare networks. This traffic represents external communication involving multiple sessions over long periods of time that appear to be normal encrypted web traffic. Attackers mostly used hidden domain name system (DNS) tunnels to hide data exfiltration behaviors in healthcare networks. Behaviors consistent with exfiltration can also be caused by IT and security tools that use DNS communication.

There has also been a spike in behaviors consistent with attackers performing internal reconnaissance in the form of internal darknet scans and Microsoft Server Message Block (SMB) account scans. Internal darknet scans occur when internal host devices search for internal IP addresses that do not exist on the network. SMB account scans occur when a host device rapidly makes use of multiple accounts via the SMB protocol that is typically used for file sharing.

Several healthcare organizations have witnessed ransomware attacks in recent years, although the report found that ransomware threats were not as prevalent in the second half of 2018. Nevertheless, it still remains important to catch ransomware attacks early before files are encrypted and clinical operations are disrupted.

“Healthcare organizations struggle with managing legacy systems and medical devices that traditionally have weak security controls, yet both provide critical access to patient health information,” said Chris Morales, head of security analytics at Vectra. “Improving visibility into network behavior enables healthcare organizations to manage risk of legacy systems and new technology they embrace."

Related Links:
Vectra AI

Gold Member
Solid State Kv/Dose Multi-Sensor
AGMS-DM+
Gold Member
12-Channel ECG
CM1200B
Silver Member
Compact 14-Day Uninterrupted Holter ECG
NR-314P
New
Silver Member
ECG Management System
NEMS-Q

Print article

Channels

Critical Care

view channel
Image: The permeable wearable electronics developed for long-term biosignal monitoring (Photo courtesy of CityUHK)

Super Permeable Wearable Electronics Enable Long-Term Biosignal Monitoring

Wearable electronics have become integral to enhancing health and fitness by offering continuous tracking of physiological signals over extended periods. This monitoring is crucial for understanding an... Read more

Surgical Techniques

view channel
Image: NTT and Olympus have begun the world\'s first joint demonstration experiment of a cloud endoscopy system (Photo courtesy of Olympus)

Cloud Endoscopy System Enables Real-Time Image Processing on the Cloud

Endoscopes, which are flexible tubes inserted into the body's natural openings for internal examination and biopsy collection, are becoming increasingly vital in medical diagnostics. Their minimal invasiveness... Read more

Patient Care

view channel
Image: The newly-launched solution can transform operating room scheduling and boost utilization rates (Photo courtesy of Fujitsu)

Surgical Capacity Optimization Solution Helps Hospitals Boost OR Utilization

An innovative solution has the capability to transform surgical capacity utilization by targeting the root cause of surgical block time inefficiencies. Fujitsu Limited’s (Tokyo, Japan) Surgical Capacity... Read more

Health IT

view channel
Image: First ever institution-specific model provides significant performance advantage over current population-derived models (Photo courtesy of Mount Sinai)

Machine Learning Model Improves Mortality Risk Prediction for Cardiac Surgery Patients

Machine learning algorithms have been deployed to create predictive models in various medical fields, with some demonstrating improved outcomes compared to their standard-of-care counterparts.... Read more

Point of Care

view channel
Image: The PATHFAST hs-cTnI-II high-sensitivity troponin assay has been developed for the PATHFAST Biomarker Analyzer (Photo courtesy of Polymedco)

POC Myocardial Infarction Test Delivers Results in 17 Minutes

Chest pain is the second leading cause of emergency department (ED) visits by adults in the United States, generating over 7 million visits annually. In the event of a suspected heart attack, physicians... Read more
Copyright © 2000-2024 Globetech Media. All rights reserved.