January 20, 2022 – According The Verge, half of internet-connected devices in hospitals have a vulnerability that puts patient safety, confidential data, and the utility of the device itself in jeopardy. This comes from a report from the healthcare cybersecurity company Cynerio, which analyzed data from over 10 million devices at over 300 hospitals and health care facilities globally, collected through connectors attached to the devices as part of its security platform.
The report found that the devices that are most likely to have vulnerabilities are infusion pumps, which remotely connect to electronic medical records, pulls the correct dosage of a medication or other fluid, and dispenses it to the patient. Additionally, patient monitors that track things like heart rate, breathing rate, and ultrasounds are susceptible to hacks as well. A hack into devices like these could be used to hurt or threaten patients directly.
Cynerio’s report says that “most of the vulnerabilities in medical devices are easily fixable: they’re due to weak or default passwords or a recall notice that the organization hasn’t acted on.” As health care organizations continue to feel the strain of the most recent COVID surge, many certainly don’t have the resources or personnel to keep the systems up to date.