Medical Device Security

63% of known exploited vulnerabilities found on healthcare networks

March 18, 2024 - Healthcare networks and medical devices are highly vulnerable to cyberattacks, according to a recent study from cyber-physical systems protection company Claroty. The study found that 63 percent of known exploited vulnerabilities (KEVs) tracked by the Cybersecurity and Infrastructure Security Agency (CISA) can be found on healthcare networks. About...


More Articles

GAO Urges FDA, CISA to Revamp Medical Device Cybersecurity Agreement

by Jill McKeon

The US Government Accountability Office (GAO) released a report on medical device cybersecurity to address limitations in federal agencies’ authority, explore challenges in accessing federal...

Researchers Observe 59% Spike in Medical Device Security Vulnerabilities

by Jill McKeon

Security vulnerabilities in medical devices and the software applications that support them continue to pose a significant threat to healthcare, the Health Information Sharing and Analysis Center...

What the US Cyber Trust Mark Means for IoT Security in Healthcare

by Jill McKeon

In July 2023, the Biden-Harris Administration announced the creation of the US Cyber Trust Mark, a cybersecurity labeling program for Internet of Things (IoT) devices to help consumers make informed purchases with security in...

MedCrypt, Kansas State University Launch Medical Device Security Research Project

by Jill McKeon

MedCrypt, a cybersecurity solution provider for medical device manufacturers, announced a partnership with Kansas State University (KSU) to drive medical device security research. MedCrypt provided a...

Implementing a Zero Trust Architecture For Medical Device Security

by Jill McKeon

A zero trust architecture can help organizations across all sectors secure their networks and keep cyber threats at bay. Zero trust is not a standalone technology or tactic, but an array of cyber...

FDA: Critical Illumina Cybersecurity Vulnerability May Allow Threat Actors to Control Devices Remotely

by Jill McKeon

The US Food and Drug Administration (FDA) alerted healthcare providers and laboratory personnel of a cybersecurity vulnerability that impacts the Universal Copy Service (UCS) software in select...

1 in 5 Connected Medical Devices Run On Unsupported Operating Systems

by Jill McKeon

New data from asset visibility and security company Armis found that 1 in 5 connected medical devices run on unsupported operating systems (OS). To inform its research, Armis analyzed data collected by...

FDA to Refuse Medical Device Submissions For Cybersecurity Reasons Beginning in October

by Jill McKeon

Effective immediately, the US Food and Drug Administration (FDA) will require medical device manufacturers to provide cybersecurity information in their premarket device submissions. Additionally,...

HSCC Publishes Guidance On Managing Legacy Medical Tech Security

by Jill McKeon

The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) released its “Health Industry Cybersecurity – Managing Legacy Technology Security...

Outdated Operating Systems Remain Key Medical Device Security Challenge

by Jill McKeon

Microsoft’s support of Windows 8.1 ended on January 10, meaning that the company will no longer provide software updates and technical assistance for that version of its operating system (OS). To reduce risk, Microsoft recommended...

Key Medical Device Security Requirements Included in Omnibus Bill

by Jill McKeon

The House and Senate Appropriations Committees released the text of an omnibus appropriations bill that would keep the government funded through September 30, 2023. The document is more than 4,000...

Weak Connected Medical Device Security Increases Cyberattack Threats

by Sarai Rodriguez

Medical device security continues to be an issue for healthcare organizations, especially as the threat of cyberattacks increases in the industry. The medical internet of things (IoT) has...

New Connected Device Security Maturity Model Helps Orgs Strengthen Cybersecurity

by Jill McKeon

Connected device security company Ordr published a maturity model to help healthcare organizations evaluate and improve the security of their connected devices. The guide is broken down into five...

FDA, MITRE Publish Updated Medical Device Security Incident Response Playbook

by Jill McKeon

The US Food and Drug Administration (FDA) and MITRE released an updated version of their “Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook.” The playbook...

MDIC Releases Medical Device Security Maturity Benchmarking Report

by Jill McKeon

Medical device security continues to be a top concern in the healthcare sector. The prevalence of legacy devices, the increasing interconnectedness of the sector, and the need for industry-wide...

Sector’s Increasing Interconnectedness Poses Healthcare Cybersecurity Risks

by Jill McKeon

Healthcare, like any other industry, is increasingly relying on internet-connected devices to facilitate day-to-day operations and workflows. The interconnectedness of healthcare means that security...

Experts Weigh in on Medical Device Security Exit from FDA User Fee Bill

by Jill McKeon

An appropriations bill that will reauthorize US Food and Drug Administration (FDA) user fees is advancing without key medical device security provisions included in the House bill, which passed with overwhelming support in June.  The...

Certain Medtronic Insulin Pumps Pose Healthcare Cybersecurity Risks, FDA Says

by Jill McKeon

The US Food and Drug Administration (FDA) warned the sector of healthcare cybersecurity risks associated with the Medtronic MiniMed 600 Series Insulin Pump System that could jeopardize patient...

FBI Warns of Patient Safety, Security Risks Associated With Legacy Medical Devices

by Jill McKeon

The Federal Bureau of Investigation (FBI) released a notice outlining the security and patient safety risks associated with unpatched and legacy medical devices. The FBI has observed a recent uptick...