Page 28 - Cyber Warnings
P. 28
Patients, Data and Mobile Medical Devices – How to Protect
Them Against Malicious Attacks
A slew of revolutionary Internet-connected portable medical devices are beginning to disrupt the
Healthcare industry in radical ways. As a result, the way patients manage their health,
communicate with doctors and monitor their activity levels has opened the door to new methods
of prevention, but more importantly, promises to help in the treatment of chronic diseases.
Health consciousness among people across the world, increasing chronic diseases such as
diabetes, and growing healthcare expenditure, is driving the growth of this potentially vast
market for wearable, or portable, medical devices.
According to a report entitled “Portable Medical Devices Market” by Market&Markets, the total
Portable Medical Devices market is expected to cross $20 billion by 2018, growing at a double
digit rate each year.
Analysts, however, expect the medical device market to see major headwinds such as high
costs for the development and deployment of consumer healthcare and mobile medical devices,
strict government regulations and all kinds of nightmarish data security and privacy issues.
There are two primary classes of portable medical devices – consumer devices that generally
support lifestyle and prevention, such as FitBit, Apple Watch and so on, and connected devices
that monitor and in some cases administer treatment such as heart monitoring halters,
implantable insulin pumps and sleep devices. Over the next 20 years, the kind of device is
limited only by the human imagination.
These devices typically transmit sensitive data and control signals to an app on a mobile device
like a smart phone. In addition to containing highly sensitive personal information, the control
signals can affect the functioning of the device. With this connectivity, the potential for data
misappropriation, malware, or worse, will intensify, especially where mobile apps are
concerned.
While a manufacturer has the luxury of employing specialized hardware and software to secure
the actual device, the mobile app, residing on an operating system such as Android, represents
an often weakly defended backdoor to an otherwise secure system.
According to the Identity Threat Resource Center, the U.S. healthcare/medical industry saw
112.8 million records breached in 2015 – by far the most of any industry. This translates into
roughly one in every three Americans that became a victim of a healthcare breach. While these
attacks were typically on well-protected, enterprise-level health records, this trend does not
bode well in an age of billions of poorly protected mobile devices.
As mobile and wellness devices and the apps associated with them become ubiquitous, bad
actors will naturally turn to these devices and apps as a prime target. Given the sensitivity of the
28 Cyber Warnings E-Magazine – May 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
