The Health Sector Cybersecurity Coordination Center issued an alert Sept. 8 warning about the security risks associated with AI, 5G networks, nanomedicine, smart hospitals and quantum computing.
In addition the Federal Bureau of Investigation (FBI) released a notice outlining the security and patient safety risks associated with unpatched and legacy medical devices. The FBI has observed a recent uptick in medical device vulnerabilities. If exploited, threat actors can leverage outdated software and poor security features within medical devices to execute cyberattacks.
See the Cybersecurity powerpoint here https://www.hhs.gov/sites/default/files/emerging-technology-security-hph.pdf
5G in Healthcare: Security Concerns
• In many ways, security threats for 5G-enabled healthcare technologies overlap with IoT threats:
Need to secure medical devices as they connect to the network (authentication)
Need to secure data as it is transmitted to/from medical devices (end-to-end encryption)
Need to secure data on device (whole disk encryption or similar procedure)
• IoMT software/firmware development should include both trustworthiness and resilience
Trustworthiness may require the use of authentication and encryption technology
Resilience may require fallback to a safe mode in the case of a cyberattack
Software design and update practices should be transparent
• The design and implementation of the software in medical devices should include a specification of cybersecurity features and validation of those features, as well as a Cybersecurity Bill of Materials (“CBOM”)
• Regularly employ static and/or dynamic vulnerability testing of the software on 5G devices
• Regularly update software on 5G devices in a secure manner • It will be absolutely critical to segment and monitor 5G networks