Majority of healthcare devices will be vulnerable to cyberattack

As healthcare operators continually rely on medical devices in workflows, unsupported devices are likely to become more vulnerable to cyberattacks, according to a report from medical device and internet of things company Forescout.

The findings underscore that as medical devices can do more and become more prevalent, the risk of cyberattacks also grow.

Healthcare operators these days are utilizing a number of different devices on medical networks, though more than half are still traditional computing devices, while nearly 40% are IoT devices, such as network printers, tablets, and smart TVs.

Of devices that run Windows, 71% will see their software expire in 2020, opening up the risk of cyberattacks, according to Forescout.

“Running unsupported operating systems poses a risk that may expose vulnerabilities and has the potential to impact regulatory compliance,” the report reads.

Furthermore, the vast majority––85%––of medical devices running Windows OS had a protocol called Server Block Messaging turned on, “allowing uncontrolled access for attackers to get beyond the perimeter and move laterally,” the report reads. This network port may have been left on by default by the device manufacturer and never corrected by security IT staff at a healthcare facility.

The report comes at a time when cyberattacks on health information continue to grow. A survey conducted in 2018 found that 1 in 3 healthcare organizations had experienced a cyberattack in the last year.

Amy Baxter

Amy joined TriMed Media as a Senior Writer for HealthExec after covering home care for three years. When not writing about all things healthcare, she fulfills her lifelong dream of becoming a pirate by sailing in regattas and enjoying rum. Fun fact: she sailed 333 miles across Lake Michigan in the Chicago Yacht Club "Race to Mackinac."

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.