Cybersecurity for Internet of Medical Things | A big challenge for healthcare innovators

Cybersecurity for Internet of Medical Things

Internet of Medical Things: A brief overview

The Internet of Medical Things also known as IoMT is the collection of applications and medical devices, which connects to healthcare IT systems via computer networks. IoMT uses Wi-Fi as its base for aiding the medical devices to communicate to the machine. The examples of IoMT applications are remote health monitoring, mHealth applications, analytical dashboards connecting to Infusion pumps, telemedicine, etc.

These applications help the patients to send the medical data through their mobile phone and internet connectivity in real-time. Especially the diabetic, cardiac and blood-pressure patients have found it convenient to use the remote health monitoring applications on their smartphone for sending the medical records to the physicians.

These devices are largely used in hospitals and nursing homes for providing comfort to the patients and it also helps the doctors to save the trips from visiting the patients. The IoMT market is quite huge and is going to expand even more in the near future.

By the end of 2025, the economic influence of IoMT devices will rise to 6 Trillion USD and by the end of 2020, around 4 billion people will be connected via IoMT.

Most important companies operating in the market for cybersecurity of IoMT are Armis, Bastille, CENTRI technology, Cisco, Claroty, etc.

Recommended for you
The dark side of smart hospitals
Watch live hacking of embedded medical devices
India introduces Digital Information Security in Healthcare Act

Ensuring security of connected medical devices: A challenge

It is quite important to have a secured database in the medical or healthcare organisation for ensuring data safety and reliability. The IoMT faces the problem of cybersecurity because of the increasing use of medically connected devices in the healthcare industry and the lack of proper security infrastructure in the medical institutes and the organizations.

The developers of the medical applications chiefly focus on the utility and features and hence, the security part is generally compromised.

This may lead to loss of data, sharing the personal data, changing the medical data or necessary information about medicine, dosages, etc and hacking of MRI and X-ray machines in the hospitals. The cybersecurity is important for these medical devices and applications because the vulnerabilities can accidentally or deliberately kill someone.

For example, if the wireless insulin pump is hacked by a cybercriminal inside the hospital then it can prove scarier than anything else for the patient. There was a similar incident reported, where terrorists could have hacked Dick Cheney’s heart. The hacked insulin pump can offer incorrect dosages from up to 300 feet away, which could be life-threatening for the patient.

Thus, the cybersecurity should be implemented on high standards for ensuring the safety of the patients and the organization’s reputation as well.

The major challenges faced by the medical organisations for ensuring the safety of the IoMT are the increase in numbers of connected medical devices, need for the high-speed cloud computing platform, lack of fundamental security features, specially designed malware, low battery and computation power for encryption, etc.

As per the INFOSEC institute, more than 70% of the IoMT devices lack fundamental security safeguards as the application majorly focuses on the features than the security of data theft. This ultimately leads to theft of IP addresses and data, which may be dangerous for the patient as well as the medical organization.

Also, the increased numbers of medical devices influence the cybercriminals to design a special malware for stealing the data. This also influences the developers to concentrate on the demand of developing more numbers of applications, which results in compromise with the quality and security issues.

Additionally, the lack of proper testing, poor quality analysis and higher demand for application development are helping the cybercriminals to steal the data from the server. There are different kinds of attacks or threats to medical devices, which includes eavesdropping i.e. privacy of the data being leaked, integrity error i.e. alteration of messages and availability issues including battery draining attacks.

Other challenges to the cybersecurity of the IoMT are the limited amount of storage and memory of the device which leads to transfer of the data to the third party application. There should be a high-end third-party cloud connection and security for ensuring the safety of the transferred data.

Security frameworks & architectures for the Internet of Medical Things

There are few leaders and pioneer startup companies, which are developing framework and architecture for ensuring cybersecurity of IoMT such as are Armis, Bastille, CENTRI technology, Cisco, Claroty, DarkMatter, Dell EMC, etc to name a few.

Aramis gained considerable attention after launching BlueBorne, which is basically a Bluetooth-based attack vector. The company offers a security framework for medical IoT with a database of 4 million connected devices.

Cisco has developed different frameworks for secured network management specialities that are applicable for IoMT such as endpoint security, security framework, access control, intrusion prevention and policy enforcement.

The company’s framework defends against IoT threats and also helps in gaining visibility and control by simplifying compliance. Likewise, CENTRI Technology has introduced IoTAS (Internet of Things Advanced Security) platform for compress data and security. It is famous for its chip to cloud encryption for ensuring cybersecurity in healthcare department. The security frameworks of the different startups ensure the security of interconnected medical devices through the cloud security.

For an example, the Cisco Cloud Connected Framework architecture ensures the security of medical IoT by providing optimized to third-party cloud security along with simplified operations. The CENTRI technology’s IoTAS solution is using proprietary cached mopping technology to guarantee an improved uptime of powered medical devices for better power efficiency and battery life.

Cybersecurity for Internet of Medical Things: A major agenda for next-gen medical devices

The hackers try to carry out a number of despicable activities such as monitoring live feeds, altering the LIVE camera settings, data stealing and altering, authorizing third parties to view and monitor the settings, hacking motion sensors for stealing wearable health data, etc. Hence, the cybersecurity of medical IoT is quite vital and necessary for ensuring the data security of the medical organizations as well as the patients.

The biggest challenge for ensuring the security of medical IoT is the growing lists of medical devices in the organizations.

The increased numbers of medical devices are imposing a higher amount of risks of data threats and security. Apart from the frameworks and startups mentioned above, there are few other security firms that are helping in securing the medical IoT.

Gemalto is using its digital security mobile experience for IoMT by offering SE (Secure Element) technology. In short, the IoT security which was previously ignored by the medical organizations and device developers is now being a major concern.

To make the IoMT secure and reliable, there should be secured gateways for interconnecting the devices along with the secured manufacturer network.

Image credit:


Leave a reply

Your email address will not be published. Required fields are marked *


© 2018 Dr. Hempel Digital Health Network

Dr. Hempel Digital Health Network is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to


Log in with your credentials

Forgot your details?