U.S. Health Sector Cybersecurity Coordination Center Issues Alert About 5G AI Networks in Hospitals – Environmental Health Trust


The Health Sector Cybersecurity Coordination Center issued an alert Sept. 8 warning about the security risks associated with AI, 5G networks, nanomedicine, smart hospitals and quantum computing.

In addition the Federal Bureau of Investigation (FBI) released a notice outlining the security and patient safety risks associated with unpatched and legacy medical devices. The FBI has observed a recent uptick in medical device vulnerabilities. If exploited, threat actors can leverage outdated software and poor security features within medical devices to execute cyberattacks.

See the Cybersecurity powerpoint here https://www.hhs.gov/sites/default/files/emerging-technology-security-hph.pdf

5G in Healthcare: Security Concerns

• In many ways, security threats for 5G-enabled healthcare technologies overlap with IoT threats:

 Need to secure medical devices as they connect to the network (authentication)

 Need to secure data as it is transmitted to/from medical devices (end-to-end encryption)

 Need to secure data on device (whole disk encryption or similar procedure)

• IoMT software/firmware development should include both trustworthiness and resilience

 Trustworthiness may require the use of authentication and encryption technology

 Resilience may require fallback to a safe mode in the case of a cyberattack

 Software design and update practices should be transparent

• The design and implementation of the software in medical devices should include a specification of cybersecurity features and validation of those features, as well as a Cybersecurity Bill of Materials (“CBOM”)

• Regularly employ static and/or dynamic vulnerability testing of the software on 5G devices

• Regularly update software on 5G devices in a secure manner • It will be absolutely critical to segment and monitor 5G networks