Cyber Issues On Medical Devices

Technology is synonymous with modern living. It is a crucial part of our lives that not only makes the world go round right now but somehow makes it more complex too. These high-tech innovations have actually transformed our lives and made a lot of things easier and more comfortable for us but they are also flawed like most things here on this planet. A lot of things are interconnected now on the Internet of Things and as such, things can easily go from bad to worse when disaster strikes. And it is something we have experienced many times in this digital age.

The ransomware, WannaCry, which infected over 200,000 computers globally managed to cripple the UK’s healthcare system and many patients missed out on their medications for days because the medical staff can’t access the hospital computers where the patient’s chart and data can all be found. You see, any tech issue can potentially become a major medical emergency because medical devices that are hooked and used in a patient’s care can be hacked or encrypted by dubious cyber scammers that are only out for monetary gain.

As the internet of things spreads into more and more areas, increasing numbers of medical devices are now connected, making them vulnerable to cyber attacks that could shut down medical processes, expose critical hospital and patient data, and ultimately put patient safety at risk.

Many medical devices are not built with cybersecurity in mind, yet a survey by Deloitte Cyber Risk Services of over 370 professionals organizations operating in the medical device/IoT arena shows that 36.5 percent have suffered a cyber security incident in the past year.


Cyber security is not only a concern for public and private individuals using the web on a daily basis but many hospitals and health institutions have also automated most of their processes and services and are just as vulnerable as any one of us. The problem here is that human lives on the brink of death are at risk once the medical devices and machines keeping them alive suddenly stop working because of a technical error or problem. Medical institutions can’t allow that to happen because the risks are far too big to allow such a failure to prepare and plan a contingency plan for such a scenario that will endanger the lives of the people in their care.

A recent Deloitte survey of over 370 professionals whose organizations operate in the Internet of Things (IoT) connected medical device ecosystem found that more than 35 percent of respondents experienced a cyber security incident in the past year.

Respondent organizations included medical device or component manufacturers, healthcare IT organizations, medical device users, and regulators.

Over 30 percent of respondents said identifying and mitigating the risks of fielded and legacy connected devices presents the industry’s biggest cyber security challenge.

“It’s not surprising that managin cyber risks of existing IoT medical devices is the top concern facing manufacturers, providers and regulators,” Deloitte Risk and Financial Advisory partner Russell Jones said in a statement. “Legacy devices can have outdated operating systems and may be on hospital networks without proper security controls.”


Imagine the inconvenience and the outright dangers posed by malfunctioning or non-functioning (at all) medical devices that are supposed to support patient’s lives but fail to do so. Even cyber criminals are aware of this, which is probably why they showed the UK the type of disaster they can bring with the last WannaCry outbreak. Increasing cyber security efforts and taking data recovery backups seriously is something all medical institutions can do to safeguard themselves from such modern problems now that most gadgets (medical or not) are all connected to the web. It is a non-negotiable measure given that malwares are just looming on the horizon and any system can easily fall prey to these attacks.