When you think of cyber threats, you probably think about phishing attacks targeted at corporate employees or ransomware aimed at financial institutions. You probably don’t think about a hacker attacking a digital thermometer, but you should. 

The next great wave of cyber threats is aimed at medical devices and the waves have already begun crashing on the beach.

Hackers targeting the healthcare industry have historically focused on attacking medical information systems. After all, that’s where the crown jewels are located whose return could fetch a handsome reward. But, there’s a problem for hackers targeting medical information systems.

Medical information systems are becoming harder and harder to hack. The reason is because they are deployed on sturdy IT platforms with plenty of memory and processing power. And they are also becoming very mature in terms of locking down their attack surfaces.

Unfortunately, hackers are not so easily deterred. Their new target? Medical devices. As things turn out, medical devices are much easier prey than medical information systems. And with medical devices, the objective isn’t medical information, it’s device control, which could have deadly consequences.

The Internet of Medical Things

According to Ordr, an IoT (Internet-of-Things) healthcare security firm, “Healthcare devices represent one of the fastest-growing sectors of the IoT market. In fact, the value of this sector—which is sometimes called the Internet of Medical Things (IoMT)—is predicted to reach $176 billion by 2026.” That’s a lot of medical things.

Why do hackers prefer targeting IoMT devices? Because first generation IoMT devices, many of which are still in use, were never designed for robust network security. They don’t have much processing power, they don’t have much memory and there’s not a great selection of security application to protect them even if they did.

Hackable IoMT devices include such things as infusion pumps, smart pens, implantable cardiac devices, wireless vital monitors, thermometers and security cameras. Obviously, having someone control these devices remotely could have dire consequences.

From an individual device standpoint, there’s really not much that can be done to protect these first generation devices. And replacing them with network-secure IoMT devices is going to take time. There must be something that can be done in the meantime to increase the security of these IoMT devices. There is: threat modeling.

Protecting IoMTs

Until network-secure IoMT devices become ubiquitous, one way of protecting them is to threat model them. Rather than trying to protect the individual devices, the devices become just another component in the overall system architecture. And it is that system architecture that the discipline of threat modeling aims to protect.

Data flow diagrams and threat traceability matrices, part of threat modeling, are used to visualize the entire medical device ecosystem. From this visualization, the who, what, where, how and impact of threats to those devices can be enumerated. And once that’s done, it becomes clear what mitigations are required to counteract those threats.

Next Steps

Every healthcare system needs to protect their medical devices. But not every healthcare system is up to speed on how to do threat modeling. If you’re responsible for the security of medical devices and aren’t sure how to do threat modeling, you could try and track down a threat modeling  expert to help you out. Or, you could just head on over to ThreatModeler.

ThreatModeler is a threat modeling platform, which helps you model your medical device threats, without having to be a threat modeling expert. With its built-in compliance frameworks, extensive library of components and Threat Research Center, ThreatModeler ensures your medical devices will be protected now and in the future. Click here for a free live demo.

ThreatModeler

ThreatModeler revolutionizes threat modeling during the design phase by automatically analyzing potential attack surfaces. Harness our patented functionalities to make critical architectural decisions and fortify your security posture.

Learn more >

CloudModeler

Threat modeling remains essential even after deploying workloads, given the constantly evolving landscape of cloud development and digital transformation. CloudModeler not only connects to your live cloud environment but also accurately represents the current state, enabling precise modeling of your future state

Learn more >

IaC-Assist

DevOps Engineers can reclaim a full (security-driven) sprint with IAC-Assist, which streamlines the implementation of vital security policies by automatically generating threat models through its intuitive designer.

Learn more >