Cyber Security is Critical in an Age of IoT and Healthcare Hacks

Published on 16 Mar, 2017

Healthcare Technology Intelligence

Regulatory compliance to maintain extensive electronic patient records have made hospitals and healthcare institutes a treasure-trove of information, especially for hackers on the prowl for comprehensive databases of personal information. In an age rife with identity thefts and online fraud, digital medicine and the next generation of healthcare services may be shelved simply because cyber security measures haven’t kept up with the times.

An episode in a popular TV drama once depicted an assassination where terrorists murdered the Vice President of the United States by wirelessly hacking his pacemaker and inducing a heart attack.

It was a brilliant tactic, and one that’s just a work of fiction — for now.

As medical devices evolve and become more integrated into a network of Intelligent Things, cyber security threats are a scary reality that the healthcare sector is slowly coming to grips with.

Cyber-attacks on hospitals and instances of patient identity theft have been on the rise over the past few years. These cyber-attacks in the healthcare sector, aka healthcare hacks, are a growing menace that need to be stifled. Among all the instances of identity theft reported in the US during 2013, cases attributed to data theft in the healthcare sector made up a whopping 44%. That was over three years ago. With a growing number of healthcare features and services available online, things are likely to get worse.

Most healthcare hacks usually occur due to sub-par IT security and infrastructure in the healthcare sector. That, coupled with the fact that healthcare databases are a haven of accumulated data which give hackers a full pie rather than just slices — they’ll find everything from your name, DOB, and home address, down to your social security number and plenty of other unique identifiers — make healthcare hacks more lucrative than targeting other institutions. Hackers will find everything they could possibly need to easily impersonate someone in a healthcare database, which usually leads to fraudulent transactions done though financial identity theft.

Even after a slew of high profile healthcare hack cases including incidents at UCLA Health and Hollywood Presbyterian hospital, the healthcare industry has been slow to counter the growing menace.

The FBI issued a notification to the healthcare industry in 2014 as well, warning them about a lack of adequate IT infrastructure to thwart even the most basic security breaches. Most healthcare hacks thus far have been ransomware - malware that locks down a victim’s data/machine, and which will be unlocked by the attacker only after a ransom is paid.

With wearable medical devices becoming a part of everyday life, a lot of sensitive data, perhaps even patients' lives, could fall into the wrong hands if left unsecured.

In a future where personalized medicines are a reality, it’s vital that our information and IT are secure enough to make sure healthcare doesn’t become life-threatening.