53% of medical devices have a known critical vulnerability

After a year of unprecedented ransomware attacks on hospitals and healthcare systems – and with healthcare now the #1 target for cybercriminals – critical medical device risks in hospital environments continue to leave hospitals and their patients vulnerable to cyber attacks and data security issues.

Data shows that 53% of connected medical devices and other IoT devices in hospitals have a known critical vulnerability.

Critical medical device risks IV pumps are the most common healthcare IoT device and possess a lion’s share of risk: IV pumps make up 38% of a hospital’s typical healthcare IoT footprint and 73% of those have a vulnerability that could jeopardize patient safety, data confidentiality, or service availability if it were to be exploited by an adversary.

Healthcare IoT running outdated Windows versions dominate devices in critical care sectors: Devices running versions older than Windows 10 account for the majority of devices used by pharmacology, oncology, and laboratory devices, and make up a plurality of devices used by radiology, neurology, and surgery departments, leaving patients connected to these devices vulnerable.

Network segmentation can reduce critical IoMT and IoT risk: Network segmentation can address over 90 percent of the critical risks presented by connected medical devices in hospitals and is the most effective way to mitigate most risks presented by connected devices.

“Healthcare is a top target for cyber attacks, and even with continued investments in cybersecurity, critical vulnerabilities remain in many of the medical devices hospitals rely on for patient care,” said Daniel Brodie, CTO, Cynerio.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

Tell us about your needs.
Get an answer the same business day.

Tell us about your needs.
Get an answer the same business day.

Fill out the form below and get an answer from our experts within 1 business day.
Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.
PCI-DSS

What happens next:

  • We reach out to learn about your objectives
  • We work together to define your project's scope
  • You get an all-inclusive, no engagement proposal

Scroll to Top

BOOK A MEETING

Enter Your
Corporate Email

Restez Informés!

Abonnez-vous pour rester au fait des dernières tendances, menaces, nouvelles et statistiques dans l’industrie.