 |
Charlotte Stonestreet
Managing Editor |
Intensive care
05 May 2016
An international conference is about to take place this May in San Jose, California. MEDSec is the first covering security and privacy for the Internet of Medical Things. David Kleidermacher, the Chief Security Officer at BlackBerry, describes himself as dedicated to the vision of a trustworthy, scalable Internet of Things, including mobile devices, connected embedded systems, and cloud infrastructure.
Mobile communications offer enormous potential for delivering the best quality patient care, but there are a lot of issues to consider in creating a secure mobile healthcare strategy. Poor medical device security would threaten us all, so what do we need to do (if anything) to fix it?
When you enter a hospital, your eyes and ears fill with the flashing lights and beeps of the medical devices helping deliver state-of-the-art medical care to sick patients. All of this technology allows the better care to be delivered to more patients, alerting nurses when something is about to go wrong, saving patients’ lives and allowing hospitals to serve more patients with fewer staff resources. But, as Bloomberg Businessweek recently reported, many of these critical medical devices, enabled by the Internet of Things (IoT), have significant security gaps that could put patients, hospitals and device makers at serious risk.
Bloomberg authors Monte Reel and Jordan Robertson profiled Billy Rios, a white-hat hacker who is hired by the likes of Google, Microsoft, defence contractors, utilities and government security agencies to uncover security flaws in their systems before the bad guys find and exploit them. Rios was part of a team hired by Mayo Clinic to unearth vulnerabilities in their medical system. Rios was shocked by what they found.
“The teams didn’t have time to dive deeply into the vulnerabilities they found, partly because they found so many – defenceless operating systems, generic passwords that couldn’t be changed, and so on,” Rios told Bloomberg Businessweek. “It was all bad. Really, really bad.”
Bad-actor hackers could have used the security gaps to change the devices’ operations; somewhat fortunately, so far, medical device hackers appear to be more interested in personal data to exploit and make money. Hackers could inject malware throughout a hospital’s network and into medical devices which, unlike regular computers on the network, aren’t protected with antivirus software.
MEDSec will cover both technology and policy, featuring medical device manufacturers, ethical hackers, security evaluators, cybersecurity engineers and researchers, medical device regulators, medical security standards experts, and medical liability attorneys.
- Overcoming the Iceberg Effect
- Sleepwalking
- Robots trapped between a rock & a hard place
- Could - or should - robots be taxed?
- Big data daunts the manufacturing sector
- Technology continues to soar
- The most popular smartphone in China
- Time for some New Year's Resolutions?
- Democratizing robotics
- Interfaces for Industry 4.0
- No related articles listed
