Ecosystem security: Rethinking cyber defence in the age of connected medical devices
October 28, 2021
Critical infrastructure has long been a prime target for cyberattacks. Whether the aim is to extort money or disrupt people’s lives, the more critical a service, the more impact an attack is likely to have. A number of recent attacks around the globe have made this clear.
People often take a fairly narrow view of what this critical infrastructure looks like. Maybe it’s the systems at a major water treatment plant or the IT network within a hospital trust. This approach can create an equally narrow definition of the solution: invest in traditional cyber security controls to protect your vital systems from attack and plan for remediation activity.
Unfortunately, the reality is that it is not that simple and cybersecurity in healthcare requires a different approach.
Healthcare has become increasingly reliant on digital services. And, like many things, this move to digital health has been accelerated by the COVID-19 pandemic. As people mobilised to minimise the spread of the virus, remote healthcare came to depend on the ubiquitous access to digital health technology and clinical data for patients and clinicians alike.
We have seen the steady proliferation of connected medical devices (CMDs) over recent years. This can include anything from pacemakers that relay health data to CT scans, which then share results with remote teams immediately. For some, these devices might even include personal smart devices that can track health data, but here we will be focusing primarily on those devices that connect directly to central hospital IT systems.
These have helped power the shift to a remote workforce and digital patient engagement that became critical during the pandemic. And, as Accenture’s recent Digital Health Technology Vision identified, this growth is likely to continue as more healthcare organisations move towards digital working practices.
CMDs enable healthcare professionals to deliver innovative new care pathways, broadening access to healthcare for all and delivering superior patient outcomes. However, as with any new technology, they come with their own challenges. In this case, increased connectivity not only opens new avenues for collaboration and communication, it also creates a wider threat surface for attackers.
To understand how interconnected medical devices are and the risk this presents - consider an analogy. Think about COVID-19, or indeed any virus, and how it spreads from person to person. If one person contracts the virus, anyone they come into contact with is at risk of contracting the virus too. Those that are infected are then at risk of passing it on to others in the same way and this cycle repeats exponentially. What was one infection can quickly balloon and, as we have seen, become a major global pandemic.
Of course, this is true of any network. However, the nature of CMDs mean that they come with more complex security needs. Whilst more traditional and closed networks can be tightly monitored and restricted, CMDs can represent a range of assets in a variety of locations, including with members of the public on personal networks. This begins to add exponentially more connection points and means rethinking the way we approach security risks.
When thinking about this risk, the immediate response might be to focus on securing central IT systems. However, this is not a practical or ethical response. A hacked medical device could still result in a loss of patient data or even worse, a loss of patient life. Equally, traditional security controls are often unsuitable for medical devices. When securing CMDs, we need to take a full-lifecycle approach to security.
It is not enough to secure a CMD once it has been received from the manufacturer and is in use within a hospital setting. Cyber security must be considered from the first point of the lifecycle, during manufacturing, to limit vulnerabilities and move to a more secure by design approach. This approach must then carry through to the installation of the device to ensure that the physical environment is also secure.
Once it is operational in a hospital setting or with a patient, we have to think broadly about the range of people interacting with the CMD, not just the medical staff who use it on a day-to-day basis but also the maintenance teams and others who will have access. Finally, once the CMD is at the end of its functional life, it must be disposed of securely, with all data removed.
This risk cannot be managed completely by a hospital’s cyber security team. Much like managing the spread of a biological virus, it requires a variety of measures and collaboration across the healthcare industry. This must include all players, from regulators to device manufacturers and IT system administrators. When creating this collaborative environment, there are two key steps:
Of course, the entire process of developing this standard and deploying a technology is likely to be complex. But it is essential work. The impact of attacks on medical organisations could be deadly. In 2020, an attack on a hospital in Dusseldorf led to ambulances being re-routed to other locations1, with one patient dying during this journey. It is unlikely that this was the hacker’s intention, and the hack was partially resolved when the attackers voluntarily gave back system access after seeing the patient impact. However, it is hard to ignore that when critical infrastructure is attacked the consequences can be fatal.
When identifying how to counter these threats, it is essential to stay alert to the latest threats. Accenture’s latest Cyber Threat Intelligence report explores this changing landscape and offers actionable insights to Health leaders. If you would like to discuss the findings, don’t hesitate to contact Ashish or Elizabeth.