Hackers Threaten Medical IoT Devices: Here’s How to Keep Them Safe

With so many every day devices connected to the internet, the risk of hacking is always there. But this is an even more serious threat for people who use medical IoT devices.

Here we’ll explain how medical IoT devices are vulnerable to hacking. Then we’ll tell you what steps you should take to keep your devices safe.

What Are Medical IoT Devices?

How to keep your medical IoT devices safe from hackers - stethoscope

You may have heard of the Internet of Things What Is the Internet of Things? What Is the Internet of Things? What is the Internet of Things? Here’s everything you need to know about it, why it’s so exciting, and some of the risks. Read More (IoT), a term for gadgets and devices which are connected to the internet, often in the home. Think of smart kettles, smart bulbs, smart speakers, smart TVs, and so on. These devices connect to the internet to send you information via an app on your phone. Or they provide an interface for the internet so you can watch videos or listen to music.

An expanding field is medical IoT, which refers to Internet of Things devices related to healthcare. This includes devices for diabetic patients to monitor their glucose levels or dispense insulin, smart inhalers for asthmatics, some artificial pacemakers, and smart contact lenses. It even includes the Apple Watch which tracks health indicators like heart rate.

These devices help many people and are particularly useful for allowing doctors to monitor patients remotely. In the case of smart drug delivery devices, they can also make sure people get the right amount of medication they need on time.

Why Are These Devices at Risk From Hackers?

It’s a scary thought, but medical IoT devices are vulnerable to hackers The Internet of (Medical) Things: Dangers, Risks, and Security Problems The Internet of (Medical) Things: Dangers, Risks, and Security Problems Connected medical hardware can improve healthcare, patient data collection, and record keeping… but it comes with new risks for online security. Here’s why medical Internet of Things devices need to be more secure. Read More . Cyber criminals can use the same techniques they use on phones and computers to access medical devices. In fact, in some ways IoT devices are more vulnerable because their security systems are often based on older hardware.

Hackers can potentially access any device which is connected to the internet. And the consequences of a life-essential medical IoT device like a pacemaker being hacked are extremely serious.

In mid-2019, a security issue with insulin pumps made by Medtronic arose. Thousands of the devices had to be recalled. And in 2017, the Food and Drug Administration announced that implantable cardiac devices from St. Jude Medical had serious security vulnerabilities, which had to be fixed with a software patch.

There has not yet been a reported case of someone being harmed by a hacked medical IoT device. But the possibility that it could happen in the future has both security experts and device users concerned.

General Security Tips for IoT Devices

There are steps you can take to make more medical IoT devices more secure. Firstly, you should follow standard advice for securing any kind of IoT device:

1. Change the Device’s Default Password

Always change the default password. Most IoT devices come with a default password like “password” or “0000” which makes them incredibly easy to access. Users often don’t think to change these passwords because they don’t realize how vulnerable they are. Whenever you get a new device which connects to the internet, find out if it has a password and change it to something only you know.

2. Update the Device’s Software Regularly

You also need to make sure that you update the device’s firmware regularly. Some devices will automatically update themselves, but not all have this function. It can be an annoyance to update software, but it’s essential to patch any security issues and to keep your device safe. Check with the manufacturer to see if there are updates you need to apply.

3. Turn off Automatic Connection to Wi-Fi Networks

Check your settings and don’t let your device automatically connect to available networks. If your device stays in your home and only connects to your home Wi-Fi, it’s probably fine. But what if your Wi-Fi network goes down, or you move the device to a new location? In that case, the device might detect an open network and automatically connect to it.

You need to be very careful when connecting to open networks, as hackers can use public Wi-Fi to steal your identity 5 Ways Hackers Can Use Public Wi-Fi to Steal Your Identity 5 Ways Hackers Can Use Public Wi-Fi to Steal Your Identity You might love using public Wi-Fi — but so do hackers. Here are five ways cybercriminals can access your private data and steal your identity, while you’re enjoying a latte and a bagel. Read More . They may be able to access data or manipulate your IoT devices as well.

Specific Security Tips for Medical IoT Devices

How to keep your medical IoT devices safe from hackers - insulin pump

There are also specific steps you should take to keep your medical IoT devices safe:

1. Keep Your Device in a Safe Place

It’s a good idea to keep your device on you at all times. You want to make sure no one has the opportunity to interfere with your device in person as well as over the internet. This is best achieved by carrying your device with you or locking it away somewhere safe when it is not in use.

2. Be Careful Where You Plug in Your Device

Don’t ever plug your device into an unknown computer. When you connect your device to a computer, such as through USB, you enable the transfer of data between the two. Hackers could use this connection to interfere with your device and make it less secure. Avoid plugging your device into public computers in locations like libraries. Only connect it to computers you own and monitor yourself.

Also, be careful with charging stations. Sometimes, a charging station will be a simple USB cable and charger, and this can be used safely as it can’t be used to transfer data. But sometimes, a charging station will have a USB cable that goes into a hole or wall so you can’t see what the cable is connected to.

These cables could be connected to a computer, and plugging your device into them will give that computer access to your device which can be dangerous. If you aren’t absolutely sure about a charging station, don’t use it.

3. Keep up to Date on Security Issues

Check the website of your device manufacturer regularly to see if there are updates or security issues that you need to be aware of. And if your device is behaving strangely or you think someone may have accessed it, talk to your doctor as soon as possible.

What to Do If Your Medical IoT Device Has a Security Vulnerability

Look out for letters or emails from your device manufacturer about updates to your device. You should be extra careful if you hear that your device has a vulnerability. In addition to the steps above, follow these steps advised by the FDA:

  • Don’t share the serial number of your device. If you ever take a photo which includes your device, make sure the serial number is not visible. This is particularly important for known vulnerabilities like the Medtronic Insulin Pumps, as hackers can use the serial number to access the device or find information about you.
  • Disconnect devices from your computer when you are not downloading data or updating software. When you leave your device plugged in there is a chance that anyone who can access your computer could access your device as well. Minimize this risk by only plugging your device into your computer while you are in front of the computer yourself and unplugging it when you are done.
  • Don’t let anyone else touch your device. This might sound paranoid, but it’s best to be extra careful with a device which is important for your health. Don’t allow other people to handle your device, and watch out if you have small children who might be curious and press buttons without knowing what they do.

Take Precautions to Keep Medical IoT Devices Secure

These tips will help make sure that your important medical IoT devices are as secure as they can be from hacking attempts.

While you’re here, you can also learn how to secure other IoT devices in your home with our tips for securing smart devices 5 Tips for Securing Your Smart Devices and IoT Devices 5 Tips for Securing Your Smart Devices and IoT Devices Smart home hardware is part of the Internet of Things, but how safe is your network with these devices connected? Read More .

Explore more about: Internet of Things, Medical Technology, Online Security.