Fighting the Surprising New Flaws in Medical Cyber Security

David Martinez

With new technology come new vulnerabilities

Unfortunately for HIT professionals everywhere, cybersecurity is never a done deal. It’s not like building a skyscraper or carving a statue — they never get to step away, dust off their hands, and say “here it is!”

Not only are hackers and other malefactors always innovating new methods for cracking secure networks, but sometimes just the natural evolution of technology creates its own new loopholes.

Recent reports are showing a wide variety of new blind spots and dangers to healthcare networks, which bring with them not only loss of data or money, but also HIPAA violations, lost worker time, compromised patient privacy, and a host of other complications that can stall the efforts of clinicians and HIT techs throughout the facility.

We’re going to go through not only the latest security flaws and dangers, but cover what security practices, secure medical computers, and network protocols can help seal these common breaches.

The Dangers of Connected Devices and Legacy Systems

It seems like the future of every industry is that every tool, device, watch, dog collar, and blender has an always-on internet connection. And while this greater net of connectivity and communication is mostly helpful (especially in the healthcare industry), it’s important to remember that each device that’s connected to the internet is one more hole in the fence, so to speak.

A security report by Vectra, a company specializing in network cybersecurity, recently found huge gaps in data protection in the healthcare industry. The two major gaps were “connected devices” and “legacy systems.”

Legacy Devices are a Huge Concern

Their six-month study found that legacy devices opened up some of the greatest security loopholes, especially in unsecured IP addresses.

The most common method of penetrating healthcare networks involved using obscured HTTPS and DNS tunnels. If you’re not familiar, HTTPS tunneling is a way to connect two computers even in the presence of heavy network security measures like firewalls and ACLs. DNS tunneling is a method hackers use to take control of applications or servers (or even to exfiltrate data) using data encoded in DNS traffic.
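Data encoded into DNS traffic tends to show up in resolver logs as many distinct, long, random-looking subdomains queried under a single parent domain. The following added example (not from the Vectra report or the original article) flags that pattern in a constructed query log; the thresholds, IP addresses and domain names are assumptions chosen for illustration.

```python
import math
from collections import Counter, defaultdict

# Assumed thresholds for illustration; tune them against your own resolver logs.
MIN_LABEL_LEN = 30     # encoded payloads produce unusually long labels
MIN_ENTROPY = 3.5      # bits per character; encoded data looks random
MIN_UNIQUE_NAMES = 3   # a tunnel emits many distinct names under one domain

# Constructed sample log of (client IP, queried name); not real traffic.
SAMPLE_QUERIES = [
    ("10.20.1.15", "www.example.org"),
    ("10.20.1.15", "portal.hospital.example"),
    ("10.20.1.15", "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6.cdn.example"),
    ("10.20.3.77", "mzxw6ytboi2gk3tdn5sgkzbamrqxiyjanf2ca43j.t.tunnel.example"),
    ("10.20.3.77", "onxw2zjamvxgg33emvscazdboruwk3tuebzgky7p.t.tunnel.example"),
    ("10.20.3.77", "pfxxk4tfmfzgs3thebqwy2lunv5dcja6orz7ihdm.t.tunnel.example"),
    ("10.20.3.77", "nbswy3dpeb3w64tmmqqgc3tefvzxg5lqobxxe5a2.t.tunnel.example"),
    ("10.20.3.77", "nbswy3dpeb3w64tmmqqgc3tefvzxg5lqobxxe5a2.t.tunnel.example"),
]

def shannon_entropy(text):
    """Bits per character of the label's character distribution."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def looks_encoded(label):
    return len(label) >= MIN_LABEL_LEN and shannon_entropy(label) >= MIN_ENTROPY

def find_tunnel_suspects(queries):
    """Map (client, parent domain) to its count of distinct encoded-looking names."""
    seen = defaultdict(set)
    for client, name in queries:
        labels = name.lower().rstrip(".").split(".")
        parent = ".".join(labels[-2:])  # naive: ignores multi-part public suffixes
        if any(looks_encoded(label) for label in labels[:-2]):
            seen[(client, parent)].add(name.lower())
    return {key: len(names) for key, names in seen.items()
            if len(names) >= MIN_UNIQUE_NAMES}

if __name__ == "__main__":
    for (client, parent), count in find_tunnel_suspects(SAMPLE_QUERIES).items():
        print(f"{client} sent {count} encoded-looking names under {parent}")
```

The single long hostname under cdn.example is not flagged, because one random-looking name on its own is common for legitimate services; the signal is the volume of distinct encoded names from one client.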

In general, legacy systems aren’t up to date on the latest security protocols, and thus are easy marks for these newest hacking methods. And with the tight budgets of hospitals and healthcare facilities, there are plenty of legacy devices still in circulation.

The best way to beat these methods is a strong policy of frequent security updates, and to update existing embedded computers to modern medical computers wherever possible. In contrast to older consumer-model computers, modern medical computers have frequent, up-to-date security software to avoid these problems. They also have built-in security options like two-factor authentication, RFID and smartcard log-in methods, and can even have built-in biometric devices (like fingerprint scanners) to double down on data security. But not all modern medical computers have the ports necessary to integrate with legacy devices, so make sure you are investing in the right IT technology to run your legacy devices.

Connected Devices Create More Holes

Connected devices provide obvious dangers: they’re everywhere, they collect a lot of data, and they often use different operating systems. A smartwatch, a biosensor, and a cell phone are all using different architecture, making a blanket security solution far more difficult.

There are a few ways to fight these security weaknesses. First is to partition healthcare networks. An exterior firewall is a good start, but there are ways through and around firewalls, and once a hacker is inside the network everything is unprotected and connected. A partitioned network, however, mitigates the damage: once a hacker has maneuvered through a firewall, they’ve only gained access to one portion of the network. Combining firewalls and other external security measures with a partitioned network is best, of course: imagine that not only is the outer fence locked, but so is the front door and every single door inside the house. That’s far more difficult to penetrate, and will help prevent the worst of the damage.

And since a host of interconnected devices provide many “doors” into the house, so to speak, it’s best that no single breach will compromise the entire network.

EMR Systems Found to Be Vulnerable

The widespread use of electronic medical records (often enforced by law) has its benefits and drawbacks, like any technology. While accountability has risen dramatically, and the patient’s journey is more well-documented and accessible than ever before, any complicated new venture is going to have a subsequent increase in, well, complications.

A report by the Department of Homeland Security and Philips, released in 2019, found new security flaws in the Tasy EMR platform. Many of these scripting vulnerabilities were so grievous that even hackers of relatively average ability would be able to manipulate and access patient records system-wide. While Philips and the DHS were quick enough to find these flaws before they were exploited in their system, it’s likely that similar weak spots exist in many EMR platforms.

Industry-wide reports on EMR bear this out. While programming and data security are generally getting better, social engineering is still the #1 vulnerability for hospital IT. “Social engineering” is a common method of hacking that doesn’t have to involve malicious code at all. Instead, a hacker will simply call a facility and pretend to be an IT person, a vendor, or other trusted technical advisor. They will then ask the admin or clinician for some kind of access: to help reset a password, to get personal data, or even just to click a link on a “helpful” email that allows the hacker into the system.

The hacker can then use this information to log into the network. This is where a built-in authentication device can work wonders. A hacker may have a clinician’s username or password, but without their physical smartcard badge, RFID tag, or fingerprint, they can hardly access the most sensitive material.

If the clinician’s EMR computer has integrated two-factor authentication, especially with EMR compatibility, then they are in far less danger from these clever phishing techniques.

Keeping Ahead of the Latest Security Threats

Cybersecurity is an arms race, which is why it’s so important to have the latest technology where you can. A whole host of interconnected devices opens up more backdoors into your healthcare network than ever before, so make sure the devices you do have are secured with the latest authentication technology.

To learn more about how modern medical computers and medical tablets are built with security in mind, contact Cybernet today.
