During a recent cybersecurity event in California, U.S., specialists offered a conference discussing the consequences of a cyber attack on a hospital’s systems or medical devices connected to a network; during the conference, experts stated that cyberattacks against hospitals increased over 1200% last year. One of the main questions when thinking about a situation of this kind is: can doctors save a patient if the medical team has been hacked?
“We are trying to raise awareness about these risks”, mentioned Jeff Tully and Christian Dameff, specialists in hacking and cybersecurity issues, who were responsible for providing the conference. “Most hospital centers do not even have the technological resources and staff trained to detect a cyberattack incident”, the experts added.
A clear example of these security weaknesses is the WannaCry ransomware outbreak, which emerged in 2017. Back then, this malware was able to collapse the IT infrastructure of 16 hospitals in the UK; the government of countries like the United States openly pointed to North Korea as responsible for the attacks, citing political and financial motivations. “There is no need to wait for someone to get hurt to implement the necessary protections”, experts added.
The administration of hospital centers doesn’t matter about cybersecurity, although 3 out of 4 health care companies have reported a significant security incident.
Cybersecurity threats against this kind of products made it necessary for the joint work of several companies dedicated to the development of software for medical devices. The collective effort led to the creation of the Medical Information Sharing Analysis Organization (MedISAO), which, with the authorization of the U.S. Food and Drug Administration (FDA), works as a platform to share information on vulnerabilities in medical devices launched by multiple companies.