Medical Device and Malware

Source: The Hindu

Why in the News?

1. Recently, some experts have warned that Common medical devices such as oximeters, hearing aids, glucometers, and pacemakers can be turned into Ransomware.
2. Industry experts are now seeking urgent Central government intervention to recognize this threat and immediately put in place measures to plug any possible drain.
3. The warning comes close on the heels of the ransomware attacks suffered by India’s top tertiary care hospitals, leading to the siege of millions of medical records and vast amounts of health data at Delhi’s AIIMS, Safdarjung Hospital etc.

What are the Concerns?

Data Breaches:

• The increasing use of medical technology devices and the lack of adequate cyber protection for these devices have raised concerns about data breaches and cyberattacks in the healthcare industry.
• Such devices contain software as medical devices (SaMD) and software in medical devices (SiMD), and are typically connected to the internet, mobile phones, servers, and the cloud and thus vulnerable to attacks.
• Sun Pharma, the fourth-largest generic pharmaceutical company in the world and an Indian multinational corporation, was targeted in the recent cyberattacks along with the Indian Council of Medical Research (ICMR).

Vulnerable Population:

India is among the world’s top 20 markets for medical devices, with the medical devices sector projected to reach USD 50 billion by 2025. However, the rapid economic growth, rising middle-class incomes, and increased market penetration of medical devices have left the population vulnerable to cyber threats.

Inadequate Systems:

Furthermore, the Indian healthcare industry lacks a centralized data collection mechanism, which makes it challenging to determine the exact cost of data corruption.

Despite this, it is evident that data has become the new oil and is seeing a significant threat from cyberattacks.

How can we Address Such Cyber Threats?

1. Consultation with the Experts: The government should consult with industry experts to identify the challenges that could pose a risk to national security.
2. Employee Training: Employees should be trained in how to recognize and avoid phishing emails, which are commonly used to initiate ransomware attacks.
3. Data protection is not a rocketing science, but requires legal and technical artisanship, the allocation of adequate resources and the training of all professionals involved in the processing of personal data.
4. Regular Software Updates: Regular software updates can help address vulnerabilities that hackers might exploit.
5. Access Control: Limiting access to medical devices to only authorized personnel can prevent unauthorized individuals from accessing the devices and infecting them with malware.
6. Encryption: Encryption can be used to protect the data on medical devices from unauthorized access.
7. Network Segmentation: Segmenting the network can help prevent the spread of malware from one device to another.

What are the Major Types of Cyber Threats?

• Ransomware: This type of malware hijacks computer data and then demands payment (usually in bitcoins) in order to restore it.
• Trojan Horses: A Trojan horse attack uses a malicious program that is hidden inside a seemingly legitimate one. When the user executes the presumably innocent program, the malware inside the Trojan can be used to open a backdoor into the system through which hackers can penetrate the computer or network.
• Clickjacking: Act of tempting internet users to click links containing malicious software or unknowingly share private information on social media sites.
• Denial of Service (DOS) Attack: The deliberate act of overloading a particular service like website from multiple computers and routes with the aim of disrupting that service.
• Man in Middle Attack: In this kind of attack, the messages between two parties are intercepted during transit.
• Crypto Jacking: The term Crypto jacking is closely related to cryptocurrency. Crypto jacking takes place when attackers access someone else’s computer for mining cryptocurrency.
• Zero Day Vulnerability: A zero-day vulnerability is a flaw in the machine/network’s operating system or application software which has not been fixed by the developer and can be exploited by a hacker who is aware of it.
• Bluebugging: It is a form of Bluetooth hacking in which an attacker exploits a vulnerability in a Bluetooth-enabled device to gain unauthorized access to it. The attacker can then use the compromised device to make calls, send messages, or access other data without the user's knowledge or consent.