How IT Teams Can Protect Health Care Data

By Karen A. Frenkel  |  Posted 06-24-2015 Email

Hackers have placed malicious software on critical medical devices and can remotely access them, rendering health care institutions vulnerable to a perfect storm of attacks, according to a new report. Cyber-attackers are attracted to medical devices because they contain health care data and insurance credentials, which the black market values 20 times more than credit cards. The report, "Anatomy of an Attack: Medical Device Hijack (MEDJACK)," was prepared by cyber-security defense firm TrapX Security. It explains how attackers can rapidly penetrate medical devices and establish backdoors to gain access to the rest of a health care institution's data. Drawing on data from three cases of ongoing attacks, the report recommends that hospitals review contracts with medical device suppliers to address the detection, remediation and refurbishment of medical devices infected by malware. It also offers recommendations. TrapX Vice President Moshe Ben Simon said, "Hospitals must have a documented test process to determine if their devices have become infected, and suppliers must have a documented standard process for remediating and rebuilding devices when they are exploited by cyber-attackers."

Karen A. Frenkel writes about technology and innovation and lives in New York City.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login Register