What’s Hot in Hacking These Days?
Well seems that the hackers are getting over their Covid related slow down. From the numbers being reported, the hacker was slowed during the first several waves of Covid. But since the end of last year and certainly into this summer, they are all much more active. Recent reporting shows roughly an eight-fold increase in reported hacks to facilities, treatment center and medical devices.
Most recently the following devices made the “most hacked list”
Smart Pens – yep, that’s right, your smart pen can be hacked. Your first thought is what in the world could be on my pen? Well a growing number of providers are using these pens to communicate patient information for medical prescriptions. This can include not only the medication information, but patient address, information, basic health records etc.
There have also been instances wherein the hacker was able to actually get into the back end data servers within a practice, thus allowing the hackers to get into the main databases of patient information.
Cardiac Devices – we have spoken to this item before, first hitting the scene in Europe in 2017. Again, these hacks are not necessarily about hurting the patient, although it certainly could. It is about the data stored on the device and the communication between it and data collection.
Insulin or Infusion Pumps – these not only store data, they are also a direct connection back to the applications and sources managing the machine, this is a perfect back door into networks supporting our hospitals and prescribers.
Monitors – those devices utilized to monitor various functions such as heart rate and other vitals. All of these medical devices communicate wirelessly, through phones or system monitors, that then provides a connectivity opportunity for the hackers. While most of the devices now communicated through encrypted data protocols, some still are not, and most are very basic forms of encryption.
Temperature Sensors – I am sure you as most have heard or the doctor’s office that had their network hacked through the thermometer in their fish tank. This was a fairly widely published story, but again a very good example that these devices, be it for their patients or their pets, are yet another connection to s network, thus a spot of vulnerability.
While the connectivity is obviously important at the patient and network levels, sometimes old fashioned tools for the job are more secure, i.e. get a basic thermometer for the fish and remove an access point for the hackers.
As always our goal here is not to scream that the sky is falling and we are all doomed. The goal is to bring awareness to you as providers. Don’t overlook the most basic connectivity you have in your office, or through your patient treatment tools. Always keep in mind, someone is always trying to get to the patient data in some form. Talk with your technology provider and ensure you are taking some degree of steps to protect yourselves.