Report: Fifty-three Percent of Connected Medical Devices Have a Vulnerability

Jan. 24, 2022
According to a new report from New-York based Cynerio, significant medical device risks in hospitals are continuing to leave organizations and their patients vulnerable to cyberattacks and data security issues

According to a Jan. 19 blog, New-York based Cynerio, a healthcare IoT platform, has released its “2022 State of Healthcare IoT Device Security Report.”

The blog states that “Data shows that 53 percent of connected medical devices and other IoT devices in hospitals have a known critical vulnerability. Additionally, a third of bedside healthcare IoT devices—which patients most depend on for optimal health outcomes—have an identified critical risk. If attacked, these vulnerabilities could impact service availability, data confidentiality, or patient safety—with potentially life-threatening consequences for patient care. “

Key highlights of the report include:

  • Thirty-eight percent of a hospital’s IoT footprint is made up of IV pumps and 73 percent of those have a vulnerability
  • The majority of devices used by pharmacology, oncology, and laboratory devices, and make up a multitude of devices used by radiology, neurology, and surgery departments are running versions of Windows older than 10
  • Twenty-one percent of devices are secured by weak or default credentials
  • Ninety percent of critical risks with connected medical devices in hospitals can be addressed by network segmentation

Daniel Brodie, CTO and co-founder of Cynerio was quoted in the release saying that “Healthcare is a top target for cyberattacks, and even with continued investments in cybersecurity, critical vulnerabilities remain in many of the medical devices [that] hospitals rely on for patient care. Visibility and risk identification are no longer enough. Hospitals and health systems don’t need more data—they need advanced solutions that mitigate risks and empower them to fight back against cyberattacks, and as medical device security providers it's time for all of us to step up. With the first ransomware-related fatalities reported last year, it could mean life or death.”

The full report can be accessed here.

Sponsored Recommendations

Patient Engagement and ML/AI – Modern Interoperability as an enabler for value based care

Discover how modern interoperability empowers patient engagement and leverages ML/AI for better outcomes in value-based care. Join us on June 18th to learn how seamless data integration...

New Research: The State of Healthcare Cloud Security and Compliance Posture

Compliance & Security Debt Awareness Could Have Prevented Change Healthcare & Ascension Healthcare Breaches

Telehealth: Moving Forward Into the Future

Register now to explore two insightful sessions that delve into the transformative potential of telehealth and virtual care management solutions.

Telehealth: Moving Forward Into the Future

Register now to explore two insightful sessions that delve into the transformative potential of telehealth and virtual care management solutions.