As 2021 comes to a close, we at Medigate took a look back at what happened this year in healthcare security. Now, it would’ve been considerate for the “bad guys” to take a break and give our healthcare delivery organizations (HDOs) time to focus on the global pandemic. Unfortunately, they continued to attack.  

The Medigate Data Team compiled a list of the most severe vulnerabilities and attacks in the healthcare sector. While this review is certainly not exhaustive, it highlights the sheer volume of attacks on medical devices and the most critical issues of 2021 (besides the global pandemic). 

Today’s healthcare environment is expanding as connected medical devices are expected to grow an additional 42% by 2025. These devices improve patient care, so the growth corresponds with improving healthcare outcomes. However, more devices mean more attack surfaces that must be secured to avoid compromises or disruptions to patient care. 

Attacks are rising, with many estimates placing the 2021 increase at around 40%. Medical devices are a common attack vector, and securing them requires diligence and skill. While each episode has its own unique characteristics, there are similarities between the attack types – attacks to medical devices that have come through IoMT vulnerabilities, platform vulnerabilities, and third-party access. 

This report highlights the top offenders in each of these vectors and provides some generalized recommendations to secure your network. While no one can predict the future exactly, we can confidently expect the trend of bad actors attacking healthcare cyber-physical systems to continue increasing next year. This report looks at those trends and concludes with some general thoughts about the state of device security in 2022.

How we got our findings 

The observations shared below originate from the real-world data of Medigate’s customers and partners, which include more than 10 million devices (1 million unique device types) across 100+ HDOs and over 1,000 individual hospitals. Medigate Research Labs discovered and then reported two of the threats covered in the report to the vendor and user community as part of our commitment to advancing the healthcare market’s cybersecurity research and data integrity. Overall, Medigate Research Labs saw a notable expansion of medical devices as they tracked known and emerging threats. The Medigate Data team observed the following:

– 14.5% growth of connected medical devices

– 30% of devices are potentially affected by two or more critical vulnerabilities

– 20% of medical devices should enroll in an EDR tool, but only 7% of the eligible pool are.

As noted, 2021 was a doozy of a year. Fortunately, with trained cybersecurity people, detailed processes, and appropriate technology, HDOs can address the growing number of threats they are facing. The goal is to prevent the successful exploitation of vulnerabilities and attack vectors that can impact multiple device types, impair patient treatment, and put lives at risk.