Urgent call for enhanced cybersecurity in healthcare systems

New research reveals alarming vulnerabilities in medical devices, exposing patient data. Securing healthcare systems is crucial for patient safety.


In a recent report, European cybersecurity firm Modat identified over 1.2 million healthcare devices connected to the internet as potential threats to patient data security. The report highlights significant exposure in countries like Ireland and Great Britain, which have the most across Europe, the US and the MENA region, marking them as the areas with the highest number of vulnerable systems.

The study deployed Modat's proprietary internet scanning tool, Modat Magnify, to assess over 70 distinct categories of medical devices. Vulnerable equipment found includes MRI and CT scanners, DICOM viewers, blood test systems, and hospital management systems. The primary causes of these vulnerabilities were misconfigurations, insecure settings, default passwords, and unpatched software.

A closer examination revealed that many devices lacked even the basics of robust authentication protocols. Instances of factory-default credentials, like "admin" or simplistic numeric sequences, were prevalent. Additionally, unpatched software vulnerabilities further endangered critical medical devices, leaving them open to potential threats.

An alarming discovery during the research involved the exposure of patient medical data, accessible without proper security measures. Scans uncovered sensitive patient health information (PHI) and personally identifiable information (PII), such as MRI results and comprehensive medical histories.

Upon identifying these serious breaches, Modat swiftly contacted international partners like Health-ISAC and Dutch CERT Z-CERT to initiate a Responsible Disclosure protocol aimed at aiding affected entities.

The report's findings underscore the cybersecurity challenges in healthcare, emphasising the need for improved safeguards. These systems should never be exposed to the internet in the first place. Soufian El Yadmani, Modat CEO, stated: “The question we should be asking is: Why are there MRI scanners with internet connectivity that lack proper security measures? The primary risk is unnecessary network exposure. These medical systems should only be connected to secure, properly configured networks when there is a legitimate clinical need for remote access.”

Recommendations stress the urgency for healthcare organisations to conduct regular security audits and maintain exhaustive inventories of their network-connected devices. Continuous monitoring is pivotal to recognising exposures, addressing misconfigurations, and tackling new vulnerabilities.

Strengthening cybersecurity in healthcare systems is not just an IT issue—it's a fundamental fixture in safeguarding patient well-being.
