Medical Device security is, without a doubt, one of the most serious security issues confronting healthcare companies today. Organizations have previously struggled to keep a reliable inventory with thousands of connected devices moving around a hospital at once. Threat actors have also identified that old legacy may be a more accessible network entry point than other attack vectors.
Researchers from Unit 42 recently determined that 75% of the over 200,000 infusion pumps they examined have known security flaws. Meanwhile, Vedere Labs discovered seven critical flaws in the PTC Axeda agent, which might allow attackers to remotely execute malware, change system configurations, and access files. Collaboration across the supply chain and beyond, from regulators to manufacturers and providers, is required to effectively tackle rising Medical Device security risks.
Medical Device are now incorporated into EHR systems and middleware technologies that connect them to the organization’s network, thanks to interoperability and digital transformation activities. Although this connection expedited operations and improved care delivery, it also raised a number of security risks. As several newly revealed high-severity vulnerabilities demonstrate, unsecure medical equipment can serve as an open door to threat actors.