By: 13 November 2019
What is the truth behind cybersecurity and IoT?

The year is 2016, and the global digital health market has topped $176.6 billion, opines (TMR) Transparency Market Research. TMR predicts that by 2030, the market will reach a shocking $536.6 billion. This surge is hardly surprising, considering IoT in the health sector is growing at an unprecedented rate.

IoT is among the disruptive technological advancements that are taking the health care sector by storm. IoT, by definition, is a network of devices that collect and send data. IoT is critical in the health sector, and the benefits are many and varied some being:

Data analysis and sorting

A healthcare device sends a massive amount of data in real-time, making it almost impossible to store, manage, and analyze the data without cloud services. IoT devices collect data and analyze data in real-time, removing the need for raw data storage. This analyzing makes the final reports more accurate and speed up the decision making process.

End-to-end connectivity

IoT in the healthcare sector makes machine-to-machine communication and data exchange much simpler, improving service delivery. Connectivity methods such as Wi-Fi, Bluetooth LE, ZigBee, Z-wave, and others make a big difference in health care. Healthcare providers can spot changes in patients and come up with new treatment methods. It also brings down costs by removing the need for patient visits, unless necessary, which improves planning and service delivery.

Synchronised monitoring and reporting

By using smart medical devices connected to smartphones, real-time tracking, and reports of a patient is possible. These connected devices, when compared to several patients, mean a physician can carry out synchronized monitoring.

The IoT devices collect and send health data such as blood sugar, oxygen, blood pressure levels, ECGs, and weight. The data is stored in the cloud and is available on-demand to authorized persons.

Research

IoT in health care is useful for research. IoT collects a lot of data concerning each patient’s particular illness. This collection is made easier by IoT than if it was collected and then recorded and shared with medical professionals manually. The collected data is collated and used for medical statistic studies. IoT saves a lot of money and man-power which would go into funding the research.

IoT is a major player in the introduction of more sophisticated treatments and it is used in various devices that improve health care services. For any existing IoT devices, smart device chips are simply embedded into the devices to update them. The chip acts as an enhancer in assisting and caring for the patient.

Security measures concerns

Where there is data, there are hackers; the two invariably go hand-in-hand. For some unexplained reason, most healthcare manufacturers do not encrypt IoT devices. They use old operating systems, making them an easy hacker target. Some methods used by hackers include:

Remote hacking

To prove how vulnerable the devices were, two security experts in 2018 presented their findings at the Black Hat information security conference. They demonstrated how easy it was for hackers to cause mayhem and death. They went ahead and disabled an insulin pump remotely, causing it to stop administering an essential drug.

 They also took over a pacemaker system, all to demonstrate the built-in weaknesses of conventional IoT devices. Downloading a VPN on a router where these devices are stationed is just one of the security measures.

Some students at the University of South Alabama did an experiment and hacked into iStan, a simulated human. According to iStan’s manufacturer, CAE Healthcare, “the most advanced wireless patient simulator on the market, with internal robotics that mimic human cardiovascular, respiratory, and neurological systems,”  The students hacked into iStan’s pacemaker and ‘killed’ him,which is what would happen if a hacker gained access to a real human being’s pacemaker or other medical implants.

Medjacking

Researchers predict that soon, a phenomenon they call medjacking will be a reality. Hackers hack devices to enable them to get access to larger systems with more medical data. In 2015, TrapX, a security company, disclosed that most medical organizations were prone to medical device hijacks, also known as medjacking. The report revealed there had been three reports of medjacking in California. They warned of hackers infiltrating systems remotely and either giving a patient too much or too little drug doses.

The first hospital to be medjacked had hackers inject malware in surgical blood gas analyzers. The hackers used this equipment to get into the hospital’s entire IT system and mine passwords. The hackers then leaked sensitive information to the internet.

The seond hospital’s PACS (Picture Archive and communication systems) was hacked. PACS stores all hospital images from MRI and CT scanners, Ultrasound and X-ray systems. The hackers were able to use this platform to spread their wings to other departments in the hospital network.

The third hospital involved the creation of backdoor access via their X-ray system. These vulnerabilities can cause hospitals a great deal of grief from data loss to the worst-case scenario, loss of life.

DDoS

Distributed Denial of Service (DDoS) is a case where compromised systems target a single system, overload it with information and make it crash. There are various ways to do this, but the most commonly used by hackers is botnets.

The Mirai botnet attack was one of the worst cases of a botnet attack. The Mirai botnet crippled the internet on the east coast of the USA by exploiting weak security in IoT devices.

Conclusion

IoT is improving healthcare in many ways. Hackers are also waking up to the reality that there is money in medical data. This medical data sells like hot cake on the dark web, making the hackers even more determined to get the data. Beefing up security are the keywords; otherwise, hackers will rain anarchy in the health care systems.

Most of the operating systems of these medical IoT have old operating systems, making it hard for IT specialists to get into the system once hacked. Some manufacturers of medical implants have been called out on their vulnerable implants. The FDA has subsequently called off some implants from the market. Health care cybersecurity should be a top priority, considering medical data is worth a lot more than credit card data.

Author’s bio:

Brad Smith is a technology expert at TurnOnVPN, a non-profit promoting a safe, secure, and censor-free internet. He writes about his dream for a free internet and unravels the horror behind big techs. @TurnOnVPN

Further reading on Industry 4.0: The Ultimate Guide