HHS HC3 Warns Healthcare of IoT Device, Open Web App Risks

Advisories Recommend Entities Take Steps for Prevention and Mitigation Marianne Kolbasuk McGee (HealthInfoSec) • August 5, 2022    

Federal authorities are urging healthcare sector entities to be proactive in addressing security risks posed by internet of things devices and by open web applications.

See Also: Webinar | Prevent, Detect & Restore: Data Security Backup Systems Made Easy

The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center in an IoT advisory reminds medical entities about the risks posed by devices equipped with sensors, software and other technologies to connect and exchange data over the internet.

In addition, a separate threat brief about open web applications spotlights the Open Web Application Security Project’s Top 10 List of security risks involving those applications.

That brief comes on the heels of HHS HC3 last month issuing an advisory urging healthcare sector entities to batten down their patient portals and other common web applications from cyberattacks (see: Feds Warn Healthcare Sector of Web Application Attacks).

IoT Advisory

HHS HC3 in its IoT advisory notes that common “smart” devices used for healthcare include patient blood pressure and heart rate monitors, glucometers and fitness trackers.

“Any device connected to the internet has the potential to be hacked and the internet of things is no exception,” HC3 writes. “A compromise of these devices could lead to devastating damage including tampering with traffic lights, shutting down home security systems, and damage to human life.”

Potential attacks involving these IoT

Read more

Explore the site

More from the blog

Latest News