Report: Ransomware Attacks on IoT Medical Devices Will Likely Increase

Heather Landi | Healthcare Informatics | November 29, 2016

The Intel Security report also predicts that the volume and effectiveness of ransomware attacks will go down in the second half of 2017

Cyber attackers are increasingly breaching Internet-enabled medical devices using ransomware and this is likely to continue for the next two to four years, according to Intel Security’s recent McAfee Labs 2017 Threats Predictions Report. According to the threat predictions report, in which Intel Security interviewed 31 security thought leaders, while it is not currently known why attackers are breaching medical devices that collect patient data, the attacks are happening and medical data is being exfiltrated.

“More ominously, medical devices that monitor and control human systems—including pacemakers, insulin pumps, and nerve stimulators—are all becoming Internet enabled. Unethical attackers will see these medical devices as the next step in their journey beyond hospital ransomware attacks. Hospitals are successful ransomware targets partly because they need immediate access to information. A pacemaker is an ultimate example of the need for immediate access, so attackers will attempt to find vulnerabilities in these devices as they become Internet enabled and will be able to extort a great deal of money if they are successful,” the report authors wrote.

The prediction about attacks on Internet-enabled medical devices is just one of 21 predictions in the report regarding Internet of Things (IoT) security threats, legal actions and vendor responses in the next four years. According to the Intel Security report, IoT threats and breaches will prompt political and regulatory responses. “The speed of technology advancement will hinder effective legislation, and vice versa. Differing and even contradictory regulations among countries will make things more difficult for consumers, device manufacturers, and service providers,” the report authors wrote...