Alarms Are Ringing for Cybersecurity in Medical Sector
The sky is blue and cybersecurity in the medical sector is in dire straits. We all know this. Yet, two recent developments show us how dire this trend indeed is.
On September 12, FBI warned that a large number of vulnerabilities in commonly used medical devices are leaving a door open for cyberattacks, endangering lives. These devices include but are not limited to, insulin pumps, intracardiac defibrillators, mobile cardiac telemetry, pacemakers, intrathecal pain pumps, etc. Cybersecurity vulnerabilities in various medical devices have been reported for years and they seem to grow even more severe.
In a white notice from the FBI’s Internet Crime Complaint Center (IC3), the agency said it has identified “an increasing number” of vulnerabilities posed by unpatched medical devices that run on outdated software and devices that lack adequate security features, i.e. zero-day vulnerabilities.
On the other hand, the geopolitical rivalry between the US and China is affecting cybersecurity of the medical sector. Nikkei reported on September 14 that China is moving to keep foreign products out of the medical device market. Reportedly, the local governments have started asking hospitals to opt for domestic equipment. Furthermore, the central government has announced legal changes to move the R&D and procurement of key medical device parts to China.
As the US is stepping up its efforts to exclude Chinese companies from its supply chains, the division of the global market is further deepening. What this development means is that the communication channels for cybersecurity and cooperative actions towards safer cyberspace seem less possible.
Considering the interwoven fabric of global supply chains which also incorporates the end-users, any attemps to break it apart does not bode well. This holds true especially when it concerns medical industry. There is no guessing how many users in the US depend on medical devices made in China or vice versa. If international cybersecurity efforts in the medical industry break down, then countless lives will be at stake.
In short, alarm bells are ringing in yet another cybersecurity field.
Source: Nikkei, Trend Micro, Recorded Future
