What’s your stereotype of a hacker: a malicious millennial intent on hijacking your computer, deleting your files and demanding a ransom? A corporate criminal stealing sensitive data from Sony or Yahoo? Or a rogue programmer attacking connected cars and electrical, water and telecommunications grids?
You may not think of hackers targeting hospitals, but this is where our wired world may be most vulnerable, and the results could be deadly.
Most medical devices such as drug-infusion monitors, kidney-dialysis units and ventilators were built when Internet connectivity was still new and IT professionals never imagined a hacker could change the drip rate in an IV or stop an ICU patient’s breathing machine.
That chilling prospect was at least one of the reasons why Israeli startup Cynerio was able to raise $7 million for its technology designed to protect medical devices from cyberattacks.
“Every cyber company has two elements,” Daniel Brodie, Cynerio’s CTO, tells ISRAEL21c. “There’s a bit of the fear story – what would the worst-case scenario look like – as well as a real business ability to provide solutions for customers.”
Cynerio addresses what’s become known as the “Internet of Medical Things” – a play on words for the better-known “Internet of Things” which describes devices such as smart refrigerators and thermostats that are Internet-connected.
Zion Market Research estimates that the global market for the Internet of Medical Things is growing 11 percent a year and could reach $14.7 billion by 2022.
The benefits of smart medical devices are clear. They’re “good for doctors [who] can make decisions based on real-time data,” explains Cynerio CEO Leon Lerman.
Consider a hospital’s radiology department, for example. When a patient is admitted to the hospital, a new digital record is created in the main computer system. If the patient is subsequently sent for a CT scan, the patient’s information is already queued up. The results of the scan are automatically sent to the hospital’s imaging server, which later updates the patient’s EMR (electronic medical record).
That makes for efficient medical care, but a determined hacker could enter at multiple points in the process. “These systems are not secure,” Lerman laments, “and a large number of these devices are operated by old systems and don’t even have anti-virus installed.”
Protecting hospital networks
In 2017, a ransomware attack called WannaCry targeted computers running Microsoft Windows. Although the hack was generic, in the UK it hit the country’s NHS-operated hospitals the hardest, forcing them to turn away patients and cancel some 19,000 appointments.
Staff had to use pen and paper and their own mobile devices after the attack affected key systems including telephones. The UK Department of Health estimated the damage at more than $100 million.
Hackers who get into a hospital’s computer systems via a medical device can also steal personal data that can be used later for identity theft. A group of hackers known as the Dark Overlord stole and then leaked the phone numbers and addresses of several Hollywood celebrities who were clients of a Beverly Hills, Calif. plastic surgeon.
Because there are so many possible medical devices with different vulnerabilities, creating cybersecurity patches specific to each would be an impossibly large task, Brodie tells ISRAEL21c. So Cynerio is working with hospitals’ IT departments to protect the network as a whole.
“We take the metadata – such as what types of messages are being uploaded – and do machine learning across the hospital, in order to understand the behavior of the facility in general,” Brodie explains. “We know that MRI machines don’t talk to patient monitors, for example.”
This kind of insight helps Cynerio guard against attacks while delivering a low number of false positives, he adds.
Cynerio uses the tools a hospital already has, such as firewalls and Network Access Controls, Brodie says. “Our main added value is the learning.”
Cynerio also educates hospital staffers who don’t always know how to use the tools they have and – because equipment can sometimes be purchased by individual departments rather than a central buying facility – may not even know how many medical devices they have at the facility.
Cynerio provides hospitals with visibility (which devices are communicating on the network); assessment (which devices are vulnerable); detection (identifying anomalies in real time within a medical context); and protection (improving security).
Because Cynerio’s tech is not attached to the equipment, it will not “interfere with the routine operations of the device in providing medical treatment,” Lerman adds.
What makes Cynerio unique
Brodie and Lerman launched Cynerio in 2017 in Ramat Gan outside Tel Aviv. The company’s cybersecurity software is now running at hospitals in Israel including Tel Aviv Sourasky Medical Center and Rambam Health Care Campus in Haifa.
The new financing from Accelmed, RDC and MTIP will allow Cynerio to expand to the United States and hire 10 people there. Lerman is moving to the US to head up the sales arm of the company.
Cynerio is not the only company providing cybersecurity to hospitals.
“A few generic IT solutions have shifted into healthcare,” Brodie points out. “Our uniqueness is that we’re not looking only at the medical devices but the entire ecosystem around them. Not just a specific patient monitor, but the servers that aggregate all the patient monitors in the hospital.”
We go to great lengths to seek out the top hospitals and health professionals. Keeping those facilities safe from hackers is the latest twist in the quest for top-notch medical care in the 21st century.