Under the front of the telemedicine, Italy is a decidedly advanced country: 89% of operators in the sector actually offer this type of service, a value only slightly below the world average of 91%. But how secure is this technology? Not much, since most of the wearables used have critical vulnerabilities. The health sector is also one of the most coveted by attackers, given the sensitive nature of the data and the strategic importance of these infrastructures, which can not stop even for a few hours, and therefore have more chances. to pay in redemptions. in a short time.
Kaspersky: The MQTT protocol for portable medical devices has 33 vulnerabilities
Medical devices for telemedicine, which allow the patient to be monitored remotely, for example by measuring cardiac activity, are mainly based on the protocol MQTT for data exchange. A protocol that unfortunately is not structured in a particularly secure way: authentication is optional and only in some cases the data is encrypted before it is sent. This means that an attacker could easily carry out this attack man in the middle, thus intercepting information that, in this case, is highly sensitive. The most worrying thing is that over time the situation worsens: in 2014 about 90 defects were identified, some of which have not yet been corrected, and in 2021, Kaspersky researchers discovered 33 more, 18 of which were considered critical..
It doesn’t end there: Kasperksy has always identified problems in Qualcomm Snapdragon Wearable, the most popular platform for managing portable devices. “The pandemic has led to significant growth in the telemedicine market, and this is not just about doctor-patient video calls. “explain Maria Namestnikova, head of the Russian Global Analysis and Research Team (GReAT) at Kaspersky. “We’re talking about a whole range of complex and rapidly evolving technologies and products, such as wearables, specialty applications, deployable sensors, and cloud databases. However, many hospitals continue to use untested third-party services to store patient data with various vulnerabilities. Before you start using such devices, you need to know their level of security, in order to protect the data of a company or patients.“.
Ransomware, automated attacks and 0-Day vulnerabilities: the main risks for the healthcare sector according to Bitdefender
According to an analysis by Bitdefender, the healthcare sector has seen an increase in cyberattacks over the last 5 years, with an increase of 42% only between 2019 and 2020, the year in which the pandemic broke out and encouraged cybercriminals to escalate their attacks. activities. Over time, about 93% of healthcare companies have been the victims of a cyberattack, and more than half (64%) believe there will be more attacks in the future.
The reason criminals focus on this industry is simple: this information is very valuable on the black market. A medical record on the dark web can cost $ 1,000, compared to $ 20 for a driver’s license.
According to Bitdefender, in 2022 we should expect an increase in ransomware attacks, an approach used in 45% of piracy campaigns launched between November 2020 and January 2021. Complicating the situation is the growing spread of Ransomware-as -a-Service. . allowing even less structured and less skilled groups of attackers to conduct ransomware campaigns.
Bitdefender, like Kaspersky, also points out the problems of IoT medical devices. Among the problems with these tools, the company highlights the following:
- hard coded password: hackers know how to find encrypted passwords for most devices and can use them to enter a business network;
- lack of security checks: If there is no way to prevent unauthorized users from accessing your business devices, it’s best to look for a more secure alternative;
- network implementationHealthcare facilities must carefully integrate devices connected to your network to mitigate potential risks, otherwise hackers may exploit these devices;
- lack of security credentials: As part of due diligence, companies should verify the credentials of devices such as PCI DSS and SOC 2 Type 2, which show the manufacturer’s steps to make the devices more secure.
The solution? According to Bitdefender, invest in cybersecurity, focusing on the ongoing assessment of vulnerabilities, but also focusing on reviewing all devices present in medical facilities, both the most recent and legacy, and providers. And, above all, not to neglect pentesting, entrusting security experts with the task of conducting penetration tests for vulnerabilities in systems.