While most employees appear to be aware of phishing and react appropriately, further education is needed – particularly about the risk of disclosing information that could be used by attackers through social media, the BMJ advises.
6. Smart devices
Wearable and implantable medical devices are a proven cybersecurity risk. This technology certainly provides a better analysis, helping the diagnosis of medical conditions while helping to live independently, but mistakes made in protecting such medtech expose vulnerable users to potential attacks.
A minor moment was the late Barnaby Jack’s insulin pump hack in 2011. This Bluetooth attack had a range of up to 300 meters.
Since then, security researchers at Pen Test Partners have found “closed” insulin test data on the public Internet.
“In one case, we could change the readings taken by the glucose monitor worn by the body and automatically, give a lethal dose of insulin remotely to about 3,000 users in the trial,” said Ken Munro, managing director of Pen Test Partners, told. The CSO. “Fortunately, the vendor involved responded quickly to our report and made the system secure the same day.”
Other connected medtech devices Pen testing partners have found safety issues include cranial stimulators, dosing pumps, and medical robots, among many others. Fortunately, the threat of smart devices has been recognized and regulators are starting to take action.
For example, the US Food & Drug Administration (FDA) introduced FD&C 524b last year to drive cybersecurity for connected medical devices.
Source link