In the past years, the healthcare industry has started to adopt the use of computers for clinical purpose. Computers improved medical imaging by adding innovative capabilities, enabling early discovery of diseases, research of new diseases, better treatment of medical conditions, and many more. They are connected to hospital networks, which is making them vulnerable to cyber attacks targeting at the device's infrastructure, components, which can disrupt digital patient records, and potentially harming patient's health. Attackers can also block access to these devices as part of ransomware attacks.
Identifying Cyber Threats
To build an effective cybersecurity strategy healthcare providers must first understand the threats. Cyber attacks can be categorized in several ways and the common internal security concerns include
• Operational security gaps
• Authentication/user logins
• Unpatched software
• Lack of encryption
Best Practices for Addressing Cyber Threats
Amble measures that can be taken to hold off cyber threats are
• Making sure that medical imaging device vendors have validated security controls for their devices before they are introduced into clinical settings.
• Ensuring that devices' firmware and software are continuously updated.
• Be sure to destroy any legacy data that resides on older devices when turning in for resale
• Clearly defining the authorized use cases and data flows for medical imaging
• Ensuring that authorized use cases have a secure mechanism for transferring data and storing extracted data.
• Using data discovery tools to identify image files stored in unauthorized locations
• Conducting user entitlement reviews and game-plan for identifying how user roles could be abused
• Monitoring user access to sensitive information and generate alarms on suspicious activity
Cyber attacks on medical imaging devices will become a major challenge to device manufacturers and healthcare providers. The above methods must be practiced in order to better protect the devices from attacks.