Most medical device cybersecurity issues attributed to user authentication, report finds

The most common cybersecurity vulnerability among medical devices relates to user authentication, which is often the first line of defense against a hacker, according to a MedCrypt report.

For the report, MedCrypt — a medical device security company — reviewed alerts that various medical device vendors have submitted to the Industrial Control Systems-Cyber Emergency Response Team, a program of the U.S. Department of Homeland Security, since 2013. In total, MedCrypt detected 47 cybersecurity disclosures from medical device companies, comprising 122 vulnerabilities.

Most of the vulnerabilities MedCrypt identified — 70 percent — occurred after the FDA released its Postmarket Management of Cybersecurity in Medical Device Guidance December 2016.

Here are the most common causes of the 85 vulnerabilities that companies disclosed through the ICS-CERT system after December 2016:

1. User authentication: 42 percent

2. Code defect: 28 percent

3. Encryption: 8 percent

4. Operating system: 8 percent

5. Third-party library: 5 percent

6. System configuration: 4 percent

MedCrypt attributed an additional 5 percent of cybersecurity vulnerabilities to a "miscellaneous" category.

To download MedCrypt's report, click here.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars