Social Distancing for Medical Devices: 5 Steps to Clinical Network Segmentation to Thwart Cyber-Attacks

Leon Lerman, Cynerio Co-Founder and CEO

Since the beginning of 2020, cyber-attacks have spiked by 300%. As members of the world’s most targeted industry, healthcare organizations like hospitals, clinics, pharmacies, and distributors of medical equipment are more at risk now than ever.

Even if an attack isn’t directly targeted at connected medical devices (the Internet of Medical Things, or IoMT), it can spread through a hospital’s internal network and infect equipment used to diagnose and treat patients, such as IV pumps, patient monitors, ventilators, and X-ray machines.

As John Riggi, the American Hospital Association’s (AHA) senior adviser for cybersecurity and risk, put it: “Worst-case scenario, life-saving medical devices may be rendered inoperable.”

The best way for hospitals to prevent cyber attacks and safeguard IoMT devices from infection is by separating, or virtually distancing, the most vulnerable and critical devices from each other. This is called network segmentation.

Here are some practical steps hospitals can take to segment their clinical networks, decrease the attack surface, and safeguard patients from cyber attacks:

1. Define who is responsible

Traditionally, medical device security has been the responsibility of biomedical engineering equipment specialists. However, with the increasing prevalence of IoMT devices and the rise in healthcare-targeted cyber attacks, hospital IT teams have had to take a more active role in medical device security. As a result, close alignment between the IT and biomed teams is needed to devise and enforce safe and effective security policies for clinical networks. 

Securing medical devices and aligning IT and biomed teams have given rise to the need for a single, final decision maker on IoMT cybersecurity policy. Some larger institutions have gone as far as to create the role of Medical Device Security Officer (MDSO) to take direct responsibility for medical device security across a hospital’s entire clinical network.

2. Create a reliable equipment inventory

It’s impossible to set a network segmentation policy without an up-to-date inventory of a hospital’s connected medical devices, profiles on each device, and a deep understanding of communications and utilization patterns. 

Automated inventory tools must also be able to conduct ongoing inventory and profiling of devices with an understanding of IoMT-device behavior, device criticality, and medical device vulnerabilities. 
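
The dependency described in step 2, shown as an added example that is not part of the original article: observed flows can only be turned into segment-level allow rules when both endpoints are in the inventory, and everything else lands in a review queue. The address range, segment names, inventory entries and flows are constructed assumptions.

```python
import ipaddress

CLINICAL_NET = ipaddress.ip_network("10.20.0.0/16")  # assumed hospital range
# Constructed inventory: IP -> (segment, role). Not real device data.
INVENTORY = {
    "10.20.1.11": ("iv_pump", "device"),
    "10.20.1.12": ("iv_pump", "device"),
    "10.20.2.21": ("patient_monitor", "device"),
    "10.20.3.31": ("xray", "device"),
    "10.20.9.5": ("pump_server", "server"),
    "10.20.9.6": ("pacs_server", "server"),
}

# Constructed observed flows: (source IP, destination IP, destination port).
FLOWS = [
    ("10.20.1.11", "10.20.9.5", 443),
    ("10.20.1.12", "10.20.9.5", 443),
    ("10.20.3.31", "10.20.9.6", 104),
    ("10.20.2.21", "10.20.1.11", 445),   # monitor reaching a pump directly
    ("10.20.3.31", "203.0.113.7", 443),  # destination outside the hospital
    ("10.20.1.99", "10.20.9.5", 443),    # source missing from the inventory
]

def classify(flow, inventory=INVENTORY):
    """Return ("allow", rule) or ("review", reason) for one observed flow."""
    src, dst, port = flow
    if src not in inventory:
        return ("review", "source not in inventory")
    if ipaddress.ip_address(dst) not in CLINICAL_NET:
        return ("review", "external destination")
    if dst not in inventory:
        return ("review", "destination not in inventory")
    (src_seg, src_role), (dst_seg, dst_role) = inventory[src], inventory[dst]
    if src_role == dst_role == "device":
        return ("review", "device-to-device traffic")
    return ("allow", (src_seg, dst_seg, port))

def build_policy(flows=FLOWS, inventory=INVENTORY):
    """Collapse flows into segment-level allow rules plus a review queue."""
    allow, review = set(), []
    for flow in flows:
        verdict, detail = classify(flow, inventory)
        if verdict == "allow":
            allow.add(detail)
        else:
            review.append((detail, flow))
    return sorted(allow), review

if __name__ == "__main__":
    print(*build_policy(), sep="\n")
```

The two pump flows collapse into a single segment rule, while the uninventoried source and the external destination cannot be placed in any segment until someone profiles them.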

3. Assess the relative risk for each device

Risk scores should be calculated according to device criticality and medical impact. Risk assessment should be ongoing, with continuous monitoring of the network for anomalous behavior. In order to assess the risk, the following factors must be taken into account:

– Communications with external servers required for normal device...