Hospitals exposed as medical devices create massive cyber risks


Even a doctor’s Bluetooth music speaker can compromise a hospital’s cybersecurity network, and chief information security officers won't be among the first to know.

Connected medical equipment refers to a group of devices essential for patient care, including infusion pumps, MRI scanners, tablets, and monitoring systems.

For example, Cybernews previously reported on an instance where over 1.2 million medical devices, including MRI and CT systems, were exposed online with weak or no authentication. That allowed attackers to access sensitive patient scans before the patients themselves had even heard their diagnosis.


A new survey suggests a grim reality about medical device safety. It turns out that hospitals are struggling to keep track of just how many devices are connected to their networks, and even who is responsible for securing them.

It is estimated that an average hospital has approximately 15 connected medical devices per patient bed. This means that a hospital caring for hundreds of ill people may be managing tens of thousands of devices, each a potential entry point for malicious actors.

Image by Cybernews: hospital bed, broken black keyboard, water bottles.

With the report stating that “93% of healthcare organizations (or the majority of the top 100 US hospital systems) experienced common cyberattacks in the past 12 months,” the likelihood of hackers attempting to compromise or steal critical patient information becomes a significant concern.

Chief information security officers (CISOs) in North America, surveyed by exposure management company Asimily, identified the four biggest challenges they would solve immediately if they could. One of them is complete device visibility.

Visibility remains the biggest challenge

Forty-three percent of CISOs surveyed stated that achieving complete device visibility was the most urgent problem they would address, given the opportunity.

In practice, this means that hospitals often lack a clear inventory of connected devices. As a result, security teams are often unaware of potentially vulnerable systems or their exact physical location within a hospital.


“It’s a major challenge for CISOs largely because many are now working without a holistic approach to visibility across IT, IoT, IoMT, and OT. The lack of visibility is compounded by the way devices are introduced into hospital networks. Clinical teams, biomedical engineers, and third-party technicians may deploy or modify equipment without notifying security teams, creating blind spots that attackers could exploit,” explains the report.

Almost a quarter of hospital CISOs said their top priority would be detecting ransomware threats. However, this issue is closely tied to the device visibility problem, because, as the report states, ransomware detection “can only be effective when all IoMT, OT, and IoT devices are fully discovered and visible.”

Almost the same number of CISOs said their top priority would be compliance automation, while the smallest group of those surveyed (4%) said they had other priorities.

Who does what when a hospital gets hacked?

While CISOs named device visibility as their biggest concern when managing hospital cybersecurity, another major issue stems from flaws within the organization’s internal processes.

A third of CISOs said unclear ownership, fragmented responsibilities, and poor communication between departments were a greater obstacle to securing medical devices than technical limitations alone.

Image by Cybernews.

“In many organizations, health technology management or clinical engineering might own the deployment or maintenance of medical devices. Meanwhile, security finds out after the fact when a new device is added to the network,” the report said, giving a practical example of how undocumented coordination between departments plays out.

Data overload and lack of tools

Another issue reported by CISOs is the volume of data generated by connected devices. This becomes an issue when (as stated above) not all medical devices in use are visible, and their behavior is unclear. Therefore, security teams struggle to distinguish normal network behavior from genuine threats.


“It’s incredibly easy for HTM teams to set up a new device and connect it without informing security, or for a doctor or clinician to bring something from home, like a Bluetooth speaker, and link it into the hospital network,” the report explains.
