Chinese and Russian APT activity tracked, multiple breach disclosures, ShadowV2 observed and malicious npm packages identified

Chinese front companies BIETA and CIII and steganography in APT operations

 View all
Cybersecurity

The Internet of Medical Things (IoMT)

L’Internet of Medical Things (IoMT) hor

The Internet of Medical Things (IoMT) promises to revolutionize the healthcare industry by improving patient care, facilitating home care of chronic conditions, opening the way for personalized medicine, and optimizing available resources.

The Internet of Medical Things is the “grafting” of the Internet of Things into telemedicine, where we place all those devices and related applications whose purpose is to monitor patients, collect valid and factual information and share it with all connected IT systems.

IoMT offers incredible opportunities in the medical sector, and according to some estimates it is an area that will reach a value of hundreds of billions of dollars within the next few years.

 

From IoT to IoMT

Among the technologies that have seen more rapid and widespread adoption in recent years, the Internet of Things (IoT) plays a leading role.

Undoubtedly, the availability of broadband and Wi-Fi connections, coupled with the possibility of integrating an increasing number of sensors within different devices, has led the way for the adoption of IoT in the business world, in public administrations, in people’s daily lives and in several other sectors, including healthcare.

And it is in healthcare that the application of the Internet of Things has become so specific and focused that it has given rise to a new class of applications, termed the Internet of Medical Things, IoMT.

The Internet of Medical Things is a key area of the digital revolution in the medical industry, enabling healthcare professionals to collect objective data and make timely and accurate diagnoses or treatments.

 

What is the Internet of Medical Things?

When we talk about the Internet of Medical Things (IoMT), we refer to all medical devices connected to a facility or healthcare provider via the Internet.

L’Internet of Medical Things (IoMT)

These are devices of very different kinds and nature from each other that can generate, collect, analyze, and transmit health-related data.

The list includes wearable devices, remote patient monitoring tools, hospital beds, infusion pumps, drug tracking systems, medical inventory and equipment monitoring tools, and many others.

These are tools and devices developed with the goal of making healthcare activities more effective for patients and more efficient for providers and, in fact, lay the groundwork for what many analysts are calling a revolution in healthcare.

The IoMT can help monitor and inform healthcare providers as well as provide them with actual data to identify problems before they become critical or to speed up innovative processes.

 

The security challenges of the IoMT

When we talk about MIoT we are dealing with health data and therefore sensitive data. In fact, the number of connected medical devices and their complex functionalities present additional data security risks. For example, devices such as defibrillators, pumps, pacemakers and many others are connected via Wi-Fi to take advantage of remote monitoring capabilities and NFC technologies.

The benefits of IoT in the medical field are undeniably compelling, but as hackers (and malicious actors in general) take advantage of the usually low level of security of connected devices, the defense of these devices and the users connected to them has become no longer negligible.

Vulnerable medical devices could be (and often are) connected to an array of sensors and monitoring units, representing potential access points to large hospital networks for the theft of sensitive electronic medical records or for devastating ransomware attacks that can take entire critical systems hostage.

Given that most hospitals today have an average of 10 to 15 connected devices per bedside, it is easy to see how the exposure to risk is enormous and constantly growing. Indeed, healthcare data is extremely sensitive and therefore valuable and attractive to cyber criminals.

From the promising prospects of the IoMT market arise new challenges that healthcare providers can address, in collaboration with specialized operators. The goal is maximum (technical) protection of data and infrastructure, without underestimating the essential role of security awareness.

 

TelsyMediSOC – the Healthcare organizations’ cybersecurity solution

TelsyMediSOC is the Healthcare cybersecurity solution managed by Telsy’s iSOC that provides customers with a responsive and proactive cyber risk monitoring tool within healthcare infrastructure.

Provides, for all types of devices in the healthcare facility (IT, OT, loT and MIoT), constant protection against different types of attacks, including ransomware, malware and data exfiltration.

MediSOC ENG bodyThe analytical dashboard on device utilization enables optimal management of device distribution across sites and reduces the period of idle devices.

In addition, the “Patient Safety,” “Patient Confidentiality,” and “Service Disruption” indices enable the proper prioritization of remediation actions.

TelsyMediSOC is designed to connect with SIEM, SOAR, Firewall, NAC, RTLS technologies, and other health IT and security systems.

It enables micro-segmentation of devices through the creation, testing and implementation, also automated, of policies for device protection, as well as immediate and reactive identification and remediation to “live” attacks occurring on connected devices.

 

Key Features of TelsyMediSOC

In a time-critical industry such as Healthcare, entrusting technology management to Telsy’s iSOC professionals allows each organization to fully devote itself to day-to-day activities avoiding wasting resources on labor-intensive security activities.

The TelsyMediSOC service consists of 3 main functionalities:

L’Internet of Medical Things (IoMT) consulAsset lnventory & Visibility

It allows 3 different views:

“Card” view – Provides a view of assets grouped by type and associates, for each type, the associated risk level through a color bar.

View by device – Provides a view by individual device, with specific information of various kinds, including associated risk level, connection map and usage statistics.

View by group – For each device type, provides a specific list of devices with detailed summary information for each.

Risk ldentification

Consists of 4 interoperating elements:

Risk Heatmap – Provides a view of risks based on the potential impact in terms of Patient Safety, Information Confidentiality, and Service Disruption.

Device Utilization – Provides graphs and views regarding the degree of device utilization, by group and by individual device, to support optimal device deployment decision making.

Risk Map – Provides a view that associates the vulnerability exploitation probability with the associated potential impact.

Risk Classification – Provides a summary dashboard of all identified and suspected risks as well as mitigated and inactive risks.

Mitigation, Detection & Response

Functionality includes 4 distinctive features:

Security Posture – General view of the organization’s security score and mitigation suggestions by device type.

Forensic Investigation Support – Detail view of the detected threat and drill down on the entire attack kill chain.

Critical Alerts and Immediate Response – Upon detection of critical anomalies, detailed information on the detected threat and immediate response actions are provided.

Quick Wins – Suggestions on immediate mitigation actions for improving the security posture, based on Security (e.g. E-W Segmentation), Biomed (e.g. Firmware Update) or Executive.

 

Learn more about TelsyMediSOC and other cyber solutions from Telsy on our website.