Philips Healthsuite Android app poses cybersecurity risks

Philips and the Department of Homeland Security have issued public alerts saying that the former’s Healthsuite app has several vulnerabilities that can be exploited by hackers to steal confidential data.

Philips and DHS (the Department of Homeland Security) have issued public alerts last week pointing out the possible security holes in Philips’ HealthSuite app for Android devices. It is being said that the app contains very low-level encryption that can be easily exploited by hackers in order to steal confidential user information.

Philips issued a statement last week saying that there haven’t been any reports of the app being hacked so far, but the potential risk is real. The statement further added that an analysis by Philips officials revealed that they do not expect any hazard to the users due to this hole in the app’s security.

The company has also promised to fix the vulnerability in Q1 of 2019 with new software.

Until then, Philips has advised users to refrain from rooting or jailbreaking their devices, as doing so will disable the security barriers in the mobile software and make it more susceptible to hacks.

It has been reported that all versions of the HealthSuite app contain this particular vulnerability. Anyone with physical access to a device running the app could take advantage of the loophole and pose a threat to the privacy of the user’s data. Thankfully, there is no way to exploit the flaw remotely, so the risk is significantly lower.

The security flaw in the app was discovered by a security researcher, who immediately notified Philips. The company is expected to conduct a thorough risk assessment as well as a deep impact analysis before taking any defensive measures. In cases like this, the NCCIC (National Cybersecurity and Communications Integration Centre) recommends that the affected company should report the details to NCCIC to find a correlation with other cases.

The HealthSuite Platform was launched by Philips in 2016 in order to improve the health of patients at home. The app works with the company’s health monitoring devices like a smart weighing scale, thermometer, blood pressure monitor, etc. The data from these devices is neatly compiled and statistically displayed in the app, making it easier to track the patient’s health and take necessary medical steps.

The internet seems to be expanding at an unbelievable rate, and technology is getting smaller, smarter, and more convenient day by day.

mHealth is one of the fastest growing and very promising industry, providing health and wellness tracking at the touch of a finger. People can now monitor their heart rate, blood pressure, temperature, and other vitals right on their phone.

Most of these smart apps also suggest the course of action to be taken if the vitals aren’t natural. Remote monitoring now allows doctors to talk to the patient and track their health status while sitting thousands of miles apart.

mHealth can definitely do a great job at improving medical provisions in regions where the best health facilities are hard to find. However, there’s always the risk of the medical data getting stolen by hackers exploiting security vulnerabilities in such apps. Appthority, a research center, had reported in July that more than 3,000 mobile apps contained a security vulnerability that left their users’ health records, prescription details, chat messages, and other confidential data at the mercy of hackers. Thus, security should be the biggest concern for any mHealth app company.

Image credit: www.philips.co.in