(National Sentinel) Cyber Security: As more and more medical devices become connected to the so-called “Internet of Things,” hospitals and patients are being put more at risk of cyber attack by hackers, say experts at a recent cybersecurity forum discussing the rising threat.
“Medical care is the next cyber warfare,” said technologist Janine Medina during a panel discussion last week held by the Atlantic Council, in an appearance with a number of other experts to talk about how “Internet of Bodies” poses potentially grave health risks that will require innovative regulatory solutions and intervention.
The panel discussion comes amid a number of high-profile hacking incidents and attacks involving IoT devices, as well as a major leak of personal data obtained via a successful hack of the Equifax company, a credit rating agency, in July.
According to Medina and co-panelist Andrea Matwyshyn, putting more Internet of Things devices into more patients is exposing them to never-before-experienced health risks for which they, along with hospitals, medical providers, health insurers, and the federal government are not yet prepared to deal with.
The IoT, which is a reference to the scores of devices that rely on being connected wirelessly to the Internet in order to function properly, includes everything from home thermostats and appliances to computers and even alarm clocks. A recent analysis estimates that by 2020, more than 20 billion devices will be connected to the IoT — and many of them are going to be medical devices.
Matwyshyn said many healthcare industry devices will be body-related — some medical in nature, and some not. Devices may be as trivial as a FitBit-type fitness tracker or as complex as an antenna, like the one artist Neil Harbisson had implanted into his skull so he could “hear” color.
But more practically, IoT medical devices that directly affect patient health and patient care are what worry experts most in terms of hacking — pacemakers, IV machines, and devices that push medications. (Related: Security Flaw: “Smart” Drug Syringes Found To Be Hackable)
As the Washington Free Beacon reports further:
The increasing prevalence of body-connected devices prompted Matwyshyn to develop her concept of the Internet of Bodies, referring to all of the internet-connected bodily devices, from heart monitors to pacemakers. As medicine and recreation both grow to increasingly depend on internet-connected body devices, she said, it will face novel legal and security challenges.
“The legal and technological challenges of the Internet of Things will transfer into this Internet of Bodies, particularly the challenges we’ve faced with respect to rampant security vulnerabilities in the Internet of Things,” she said.
Of particular concern to cybersecurity experts is the ease in which IoT equipment can be appropriated by hackers into what are called “botnets.” These are utilized to dramatically bolster processing power needed to attack websites.
Last fall, the Mirai botnet attack temporarily crushed major sites like Twitter, PayPal, and Spotify, mostly by using a “swarm” of IoT devices.
The Internet of Bodies, though, poses special hazards, the experts noted.
“The Internet of Bodies will for the first time mean that software will start causing physical harm to human bodies with some regularity, and this is a new step for law, in particular, to deal with, and to resolve the harms that will result from that,” Matwyshyn said.
It’s one thing to hack a kitchen device, but it’s another thing entirely to hack a body part like a heart or a liver.
As for who would exploit such a vulnerability, it’s hard to say at this point.
“Ultimately, any vulnerability can be exploited by anyone who can write the code, regardless of what their intentions are,” Matwyshyn said.
Experts have called on industry and government to team up to find security solutions for IoT- and IoB-related devices.
Advertising disclaimer: Click here