Unit 42 IoT Threat Report: 83% of U.S. Connected Medical Imaging Devices Vulnerable to Hacking

March 21 (UPI) — The vast majority of medical imaging devices in the U.S. are vulnerable to hackers, largely because of old operating systems and unsupported one, according tomedia reports. According to the 2020 IoT Threat Report, released by Palo Alto Networks’ Unit 42 Threat security team, up to 83% of connected medical imaging devices, such as mammograms, MRI MRI machines, and so on, are at risk.

This is significantly higher than the 56% in 2018.

Unit 42 IoT Threat Report: 83% of U.S. Connected Medical Imaging Devices Vulnerable to Hacking

This general decline in security has opened the door to new attacks, such as mining hijackings (up from 0% in 2017 to 5% in 2019), and has brought back long-forgotten attacks, such as Conficker, which has long been plagued by IT teams.

Conficker was first detected in 2008, when it exploited vulnerabilities in Windows XP and older Microsoft operating systems. The worm infects the devices, adds them to the botnet, and then continues to seek to infect other devices. By 2009, the worm had infected about 15 million computers and affected hospitals, government agencies and businesses.

In 2015, an estimated 400,000 machines were infected with the Conficker worm. 2020 reports that the number could now be 500,000.

At the same time, the report notes that 72% of medical virtual local area networks (VLANs) are mixed with IoT and IT devices, enabling malware within a user’s computer to spread to vulnerable IoT devices on the same network. Because IT-prophesied attacks scan networked devices in an attempt to exploit known vulnerabilities, the attack rate for device vulnerabilities is as high as 41%. IoT botnets are moving from implementing denial-of-service attacks (DoS) to more sophisticated attacks. The goal is to obtain patient identities, corporate data, and money for profit through ransomware.

Based on this, the report recommends that medical institutions regularly scan the network to see which IoT devices are networked. Any device that is not on the network or is not in use should be disconnected. Other devices should be updated periodically to ensure that any vulnerabilities are patched. Finally, IoT medical devices should be separated from conventional networks.