Securing the future of health care


By Alex Nehmy*
Wednesday, 29 November, 2023



The healthcare industry is undergoing the greatest revolution since the invention of the hospital — the digital revolution.

In the 1960s and 70s, we witnessed the introduction of digital medical devices such as digital infusion pumps, electrocardiogram machines and CT scanners. Fast forward more than five decades and the medical devices critical in providing patients with positive health outcomes have evolved into sophisticated computer systems.

However, the technology also has inherent weaknesses: it often contains vulnerabilities that cybercriminals can exploit, and it can be maliciously modified. A vulnerable medical device could be rendered unusable, preventing it from functioning at all, or modified to cause a malfunction. In the case of a digital ventilator or an infusion pump delivering life-saving medication, such a failure is likely to be fatal.

This is not theoretical — there are a number of cybercriminal groups already targeting healthcare organisations. Ransomware group Medusa, which in May attacked NSW Crown Princess Mary Cancer Centre, recently targeted Philippine state health insurer PhilHealth. This not only compromised the data of over 36 million members — around a third of the country's population — but it raised concerns about the cybersecurity vulnerabilities within the healthcare sector.

We are entering a new era where digital medical devices deliver transformative healthcare potential. However, threat actors can also turn these very devices against us. The healthcare sector must, therefore, look at how it can safeguard the cybersecurity of digital medical devices.

The pandemic accelerated the pace of digital transformation in health care, with the rise of telemedicine and remote health care. In Australia, digital health is poised to grow into a $10.96 billion industry by 2030, driven by paradigm shifts in the industry, public sector initiatives and an aging population.

Artificial intelligence (AI) is one area which will transform digital health care. Smart medical devices will monitor your body around the clock, collecting valuable data and leveraging AI to detect health issues early and provide timely intervention from your home. Healthcare professionals will have access to your health data and AI recommendations from a virtual hospital, anywhere in the world, where you will receive care 24/7 on a schedule that suits you, rather than waiting for the doctor to do their rounds.

Whilst this data is invaluable for doctors and health professionals in the treatment of patients, it is also subject to theft by cybercriminals looking to use it for nefarious purposes. The recent 23andMe data-scraping attack, which saw hackers target users with Ashkenazi Jewish heritage, demonstrates the risk this data can pose. In this attack, hackers obtained confidential customer information including names, email addresses, passwords and medical history, and leaked it on the dark web, impacting 1.3 million Ashkenazi Jewish and Chinese users.

Australia is witnessing a multitude of AI-led healthcare startups that promise seismic changes in how people live. These companies are harnessing the power of AI to enhance patient care, streamline medical processes and provide real-time health monitoring. By enabling early detection and remote management of health conditions, these AI startups are not only improving patient outcomes but also reducing the burden on hospitals. This allows medical facilities to focus on treating the most critical cases while enhancing overall healthcare efficiency in Australia.

The approaches to a secure future

The closer a device is to a patient, the more likely it is to kill them. As digital healthcare devices become more prevalent in our everyday lives, they also expose us to greater risks from threat actors. Gartner predicts that by 2025, an industrial device will be misused to harm or kill someone. Would you want your loved one in hospital, receiving life-saving treatment from a digital infusion pump that could malfunction at any moment?

Not only can threat actors breach our medical devices to disable them or create malfunctions, but the rise of digital health care also exposes Australians to another threat — ransomware attacks. According to Palo Alto Networks’ Unit 42 2023 Ransomware and Extortion Report, Australia is the most targeted country in the region for ransomware attacks. We’re seeing threat actors stoop increasingly low and target health care, with 69% of healthcare organisations surveyed by The Australian Digital Health Agencies Cyber Security Report 2022 being attacked in 2021.

To ensure the digital future of Australian health care is secure, the healthcare industry must, therefore, focus on the following three approaches:

Secure build

Device manufacturers must acknowledge the criticality of ensuring device integrity and build cybersecurity into every aspect of the device. From software to physically secure hardware, security must be considered and prioritised right from the design of the device to the final code. Smart medical devices must be built securely from the ground up.

Secure operation

When devices are deployed in the field, they must be configured securely to minimise the risk of compromise. Changing default passwords and hardening the device's configuration are essential to ensuring its integrity. Additionally, healthcare institutions need to deploy these devices in secure network segments, with least-privilege access and protection from the latest threats.

Secure future

Ongoing operation of these smart medical devices relies on vulnerabilities being identified and device software being kept up to date with regular patching schedules.

To fully embrace its digital future, the healthcare sector must integrate cybersecurity seamlessly into all of its operations while safeguarding the integrity of digital medical devices. Cybersecurity stands as the foundational cornerstone, enabling health care’s digital evolution and paving the way for a secure digital ecosystem.

*Alex Nehmy, Field Chief Security Officer – Critical Industries, Asia Pacific & Japan, Palo Alto Networks.

Image credit: iStock.com/Vertigo3d
