According to a report by the Department of Homeland Security, the increased use of mobile health technology opens up a world of vulnerability to patients and medical facilities. The report, "Attack Surface: Healthcare and Public Health Sector" says since IT networks are remotely available through medical devices, there is a rising concern that these devices will fail toprotect against theft of medical information and malicious intrusion.
The report states, “These vulnerabilities may result in possible risks to patient safety and theft or loss of medical information due to the inadequate incorporation of IT products, patient management products and medical devices onto Medical IT Networks.”
Portable devices, such as remote patient monitoring programs, are particularly vulnerable. This is because “many are vulnerable to cyber attacks by a malicious actor who can take advantage of routine software update capabilities to gain access and, thereafter, manipulate the implant,” the report notes.
If communication networks and medical devices, which can dictate life or death it notes, are compromised; it poses a significant threat to the public and private sector.
The report also mentioned how portable devices, such as tablets and smartphones, are also vulnerable to malware-based attacks. An example, the report states is a Conficker working group official identifying 300 medical devices from a single manufacturer having been infected with the Conficker Worm. The report states, “the instant connectivity of these devices to the internet or a Health Information System (HIS) that could be compromised if not protected with the latest anti-virus and spy-ware software.”