Unveiling the Persistent Risk of Connected Medical Devices

Ransomware has been wreaking havoc in 2024. If networks at hospitals are shut down, patients suffer. Life-saving surgeries are postponed. Patient monitoring returns to pen and paper. Insurance approvals and billing systems become inoperative.

Hospitals manage an ever-expanding range of assets and vendors. We’ve been tracking the volume of medical devices with internet exposure and known vulnerabilities since 2017. Today, 80% of data breaches are caused by hacking — with 1.6 data breaches per day. See our research using a dataset from 2 million assets across 45 distinct healthcare delivery organizations.

 

Register for Webinar Get The Report

 

110

Unique OS

300+

Unique vendors

286%

DICOM exposure growth
since 2017

20/s

Attacks

The Asset Intelligence You Need to Isolate Persistent IoMT Risk

Get a deeper understanding of the insecure state of hospitals and clinics from the perspective of asset risk. Where is it? What can you do about it? Join Rich DeFabritus, Director of Product Marketing, Healthcare and Risk and Management Exposure as he examines the most important risk factors and takeaways from our IoMT research.

Register Now

Get The Report

Most Popular IoMT Devices

The most popular device functions – communication systems and healthcare workstations – are not directly connected to patients. They provide critical healthcare functions, such as emergency alerts, communication, processing, and storing of patient data.

Patient monitors and infusion pumps – connected directly to patients – represent 25% of devices. The remaining 25% is divided into the 84 other functions including imaging systems, lab equipment and specialized equipment, such as pneumatic tube systems.

Most Popular Vendors

The vendor landscape is incredibly fragmented. Well-known names, such as Philips, GE, Roche and Baxter are among the top 10 most popular vendors. Yet, the ‘Others’ category comprises a staggering 60% of vendors meaning third-party risk management is incredibly challenging – especially with 110 unique operating systems.

Read The Blog

Exposed Devices Running DICOM by Country

DICOM is widely used with picture archiving assets or PACS. Our honeypot captured 23,000 interactions with DICOM by attackers. And as you can see, we’ve been watching the internet exposed  DICOM closely. Since 2017, the exposure of DICOM to the internet has grown by 286% — with the highest concentration in the US.

Dive Into the Research

Get all the data and nuanced analysis including:
 
  • Which connected medical device categories are used in HDOs
  • How these devices are vulnerable
  • Analysis on open ports and DICOM internet exposure
  • Examination of the effects of healthcare data breaches
  • Complete mitigation recommendations
Get The Report

Top 3 Riskiest Connected Medical Devices Infographic

It’s critical for a healthcare organization’s clinical, security, and risk management leaders to work together to secure all devices across the extended HDO. A holistic approach to security requires continuous visibility and control over the entire connected-device ecosystem.

See why in this infographic

Strategic Recommendations:
How Forescout Can Help

  • Risk and exposure management: Identify, quantify and prioritize cybersecurity risk. Start by discovering and assessing every connected asset to gain real-time awareness of your attack surface.
  • Network security: Continuously monitor all connected assets to govern network access, using real-time traffic visibility to manage segmentation and dynamic control policies to mitigate and remediate risk.
  • Threat detection and response: Detect, investigate and respond to true threats and incidents using threat detection and response capabilities to collect telemetry and logs, correlate attack signals, generate high-fidelity detections and enable automated responses.
Schedule a Demo
Demo RequestForescout PlatformTop of Page