At the recent Cybersecurity Symposium in Cheyenne, Mike Borowczak, a University of Wyoming security professor in the Computer Science department, discussed the Internet of Things and Security.  A few of the examples given were hospital or healthcare related and Medicine Bow Technologies wanted to share them with our customers.

One of the most surprising data points was that Casper was number two in the use of default user names and passwords in the Internet of Things. Using default usernames and passwords opens your organization up to hackers. Often with the Internet of Things, you don’t even think about changing that information.

Who would think you could hack a hospital bed?

Mike referenced hospital beds hooked to the wireless network that had been hacked and were sending out sensitive data just like a human would (so it was a fluke they caught it). Mike said that this one was not in the news yet, but he had heard about it from contacts he has in the industry.

In addition, he referenced Dick Cheney’s pacemaker worry and Barnaby Jack’s insulin pump hack. Both articles can be referenced online.

“Ask why. Why do we need these bells and whistles?  Is it just because they are cool or do they truly serve a purpose to our business,” said Mike. From a hospital’s perspective, if it is just the cool new thing and it really doesn’t enhance treatment, then why introduce a new security risk into the hospital?  If the hospital truly does need it, then ask the right security questions when speaking with the vendor. Find out what protocols the vendor uses to make sure their product is secure and make sure those protocols work with the security set up in your hospital.

In addition, with all the internet of things being hooked up to our Electronic Health Record systems via our networks, this is probably a discussion we need to start having with our admin teams so they are aware of the security risks as well.

Leave a Reply

Your email address will not be published. Required fields are marked *