Kaspersky found health wearables and devices open to attacks
Researchers found 33 weak points in a frequently used protocol leaving sensitive information up for grabs.
Kaspersky's experts found numerous vulnerabilities in the MQTT protocol, often used for remote patient monitoring. Devices using MQTT, for example, record heart activity and other important health metrics.
Researchers claim that out of 33 vulnerabilities identified last year, 18 are categorized as critical. The findings show an increase of 10 critical vulnerabilities when compared to 2020.
According to the researchers, since 2014, 90 vulnerabilities in the MQTT protocol.
Worryingly, some vulnerabilities may allow attackers to stage man-in-the-middle attacks to intercept the data sent from the device.
According to security researchers, the MQTT protocol is often employed due to its ease of use. However, authentication and encryption on MQTT are entirely optional, making the protocol susceptible to man-in-the-middle attacks.
Bits of stolen information can provide threat actors with detailed data about victims' health condition and a person's movement depending on the device.
"Many hospitals are still using untested third-party services to store patient data, and vulnerabilities in healthcare wearable devices and sensors remain open," Maria Namestnikova, head of the Russian Global Research and Analysis Team (GReAT) at Kaspersky, claims.
Hospitals and other healthcare institutions need to take precautions to secure their systems. Since the continuous operation is of utmost importance, ransomware gangs started targeting hospitals with particular vigor.
According to Tenable's 2021 Threat Landscape Retrospective, close to half of the United States hospitals were shut down due to ransomware attacks, either as a direct result of an attack or to proactively shut down their networks to prevent further infection.
However, attacks against healthcare institutions are not limited to the US. On of the worst attacks of 2021 was carried out against Ireland's health service operator, resulting in a complete shut down all its IT systems.
While cybercriminals often target databases, there are evidence threat actors can leverage internet-facing equipment to carry out attacks. In a worst-case scenario, criminals could take over essential devices, for example, an insulin pump to leverage swifter ransom payment.
More from CyberNews:
Subscribe to our newsletter