Forescout Technologies, Inc. has published a report titled “Unveiling the Persistent Risks of Connected Medical Devices”. The research, based on data from over 2 million devices across 45 healthcare delivery organizations during the last week of May 2024, highlights growing cybersecurity risks associated with connected medical devices.
The study identifies Digital Imaging and Communications in Medicine (DICOM) workstations, Picture Archiving and Communication Systems (PACS), pump controllers, and medical information systems as the most vulnerable. The research found 162 vulnerabilities affecting Internet of Medical Things (IoMT) devices, presenting risks including data breaches and disruptions to healthcare operations. Hacking remains the primary cause of data breaches, with 595 incidents reported in 2023, averaging 1.6 breaches per day targeting healthcare institutions.
32% of DICOM workstations and PACS have critical unpatched vulnerabilities. 26% of pump controllers have critical unpatched vulnerabilities, with 20% noted for extreme exploitability.
Critical vulnerabilities in medical devices
18% of medical information systems possess critical unpatched vulnerabilities. From August 2022 to May 2024, exposed DICOM servers increased by 27.5%. A honeypot study noted 1.6 million attacks on these devices within a year, averaging one every 20 seconds.
Many attacks aimed to steal sensitive patient data. Half of the top 10 vulnerabilities are critical flaws in Windows systems, capable of enabling full takeovers via remote code execution. While 52% of IoMT devices run Windows software, only 10% have active anti-malware, complicating endpoint protection due to software and certification restrictions.
Barry Mainz, CEO of Forescout, emphasized the unique challenges of securing older IoMT devices, stating, “These devices may be 10 years old or more, and you can’t secure them the same way you would more modern devices. Once they’ve been deployed, it’s very difficult to update or patch the software, and that’s why they continue to be a prime target for cybercriminals.
Daniel dos Santos, Head of Security Research at Forescout Vedere Labs, added, “A single weak point can open the door to sensitive patient data. That’s why identifying and classifying assets, mapping network flow of communications, segmenting networks, and continuous monitoring are essential to securing growing healthcare networks.
The report underscores the urgent need for healthcare organizations to adopt stronger security measures for connected medical devices to protect sensitive patient data and ensure continuous, safe operations.
