GAO: along with benefits, Internet of Things brings increased security risks
Information security, data privacy and safety are among the key challenges facing healthcare organizations as they increasingly tap into the Internet of Things (IoT).
Healthcare, of course, isn’t the only sector connecting to the IoT, and a new report from the Government Accountability Office (GAO) notes that “the IoT is potentially affecting economies and societies in ways both great and small, from consumer products to industrial processes and public services.”
Not surprisingly, increasing connectivity is leading to a number of critical concerns, including cybersecurity vulnerabilities in many medical devices.
“The rapid and pervasive adoption of IoT devices, the lack of attention in designing them to be secure, and the predominant use of cloud computing to provide connectivity with these devices pose unique information security challenges that may limit broader adoption of the IoT,” the report said.
Specific to healthcare, researchers and industry experts explained how medical devices with built-in wireless connectivity can be compromised. One expert pointed to an instance in which a ventilator manufacturer’s firmware update was hacked and infected with malware, “putting the patient’s health at risk.”
According to the report, another expert said there “is no security on implantable medical devices, making them easily hackable.”
“Without proper safeguards, these systems are vulnerable to individuals and groups with malicious intentions who can intrude and use their access to obtain and manipulate sensitive information, commit fraud, disrupt operations, or launch attacks against other computer systems and networks,” the GAO report stated, referring to IoT devices generally. “The threat is substantial and increasing for many reasons, including the ease with which intruders can obtain and use hacking tools and technologies.”