Introduction: Global Internet of Things Healthcare Market Analysis is forecasted to reach a market value of approx. USD 14.6 Billion. Market research estimates predict that there will be a total of approximately 20 billion connected devices by 2020 with roughly 40% being in the health sector. What this means is the introduction of 8 Billion opportunities for hackers to infiltrate a person’s life without them even knowing and worse, specific medical devices are so sensitive in a person’s health that improper functioning of the device could lead to death.
The problem: About 45% of all ransom ware attacks in 2017 were in the health sector with a major portion being in healthcare systems and about a third of the attacks being in healthcare devices. In 2017, the FDA was responsible for the recall of about 465,000 pacemakers due to “security vulnerabilities“. Furthermore, about 200,000 windows systems including those at 48 hospital trusts in the U.K. and medical facilities in the U.S. were hit by the ransom ware Wannacry leading to a medical crisis as the lack of a security patch for windows XP server led to a mass ransom ware attack.
Implication: Overall, hacking of medical IoT devices led to a loss of USD 6.3 billion in 2017 in the US alone. The need for security in IoT devices is alarmingly high. The threat of the vulnerability is highly prominent as IoT devices are connected to a person’s medical card which is exponentially more valuable than a credit card due to it containing a person’s credit card information, health data, social security, date of birth, address and more. A medical card can lead to further vulnerability as the virtual component could be further connected to the patient’s hospital or insurance provider. This looming threat has led to the recent spike of ransom ware in medical devices, namely Wannacry and NotPetya being the more prominent malware used to infect medical devices. The most recent development in the sector of ransom ware is the Hide and Seek Botnet capable of handling a system reboot by copying itself into /etc/init.d/, a folder that houses daemon scripts on Linux-based operating systems like the ones on routers and IoT devices. By placing itself in this menu, the device’s OS will automatically start the malware’s process after the next reboot. A majority of system malware in almost any device was capable of being eliminated by resetting the device and although it led to file loss it meant the malware would be removed as well but the development of the HNS bot has led to malware that can survive a system being reset. To make matters worse, the bot has added support for brute force attacks. What this means is that HNS infected devices will scan for other devices that have an exposed Telnet port and attempt to log into that device using a list of preset credentials. This threat is further exemplified when taking into account automated medicine dispensing. Medicine and health is all about taking the right doses of the right substance at the right time prompting the right reaction. This fundamental principle of healthcare is exposed to chaos by computer enthusiasts if a proper network security protocol is not implemented.
Conclusion: There is an evolving need for the implementation of a solid security framework for technology. The lack of a central regulatory body and the lack of an effective law regime for smart devices have caused a major gap between the level of usage and the safety of technology. Technology stores a person’s most sensitive information as the colloquial “data “which is traded like currency in recent times. There are increasing cases of unauthorized use and sale of data caused by security breaches from software and applications consumers install on their devices. While the previous threat was contained at having your data accessed without your knowledge, the threat with medical devices is far more significant – Electronically controlled pacemakers can be overridden to damage your heart, life support machines can be shut down, insulin pumps can administer a fatal dose and more. This major vulnerability in electronic healthcare technology presents a major opportunity for provision of security systems for IoT based healthcare devices and remote medicinal equipment. As the threat has been detected, the market for security of medical devices is still poised to truly grow. This offers significant economic opportunity for emerging companies like Protenus, ClearData, Medcrypt, Senrio and more to develop adequate security systems for safe and accessible storage of consumer medical information and control over medical devices.
To know more, click on the link below:
Ankur Gupta, Head Marketing & Communications