Chris Risley, Bastille Networks

Diagnosing Healthcare’s Radio Frequency Problem

By Chris Risley
Chris Risley, Bastille Networks

As hackers target blind spots in wireless communications, medical devices running on various networks across the wireless spectrum pose big risks for healthcare facilities.

The adoption of telemedicine and wireless technologies in healthcare has put the threat of radio frequency (RF) attacks at an all-time high. As hackers target blind spots in wireless communications, medical devices running on various networks across the wireless spectrum pose big risks for healthcare facilities.

Healthcare: An Attractive Hacking Target

With both financial and personal data potentially available, healthcare is an attractive target for hackers. But in recent years, hacking has taken an even more dangerous turn. The 2017 St. Jude pacemaker hack underscored how the exploitation of wireless devices could potentially be life threatening. The hack could have allowed bad actors to not only access sensitive information, but actually allowed them to issue commands to potentially modify the pacemaker activity. A similar vulnerability was discovered in a Johnson and Johnson insulin pump.

Register for the 2nd Annual Legacy Medical Device Cybersecurity Conference | A Virtual Event | September 22–23, 2020 Even before COVID-19, healthcare security was already jeopardized when the SweynTooth vulnerabilities were announced. These vulnerabilities were found in most Bluetooth Low Energy (BLE) devices and the modern hospital is full of such wireless devices. That’s why, for the first time in my experience, a Bluetooth vulnerability warning came from the FDA and not the FCC. A device undergoing a SweynTooth attack could be stopped or taken over by an attacker from another part of the building or from the parking lot, invisibly by radio.

The risks to healthcare organizations have only amplified with COVID-19 and the mass adoption of remote work. Non-essential healthcare workers are now accessing corporate networks from unsecured devices, putting facilities more at risk than ever before. Employees using wireless devices at home can have their connections hi-jacked by devices in nearby apartments. As a result, IT teams are tasked with monitoring devices that aren’t connected to their network. And when employees do come to work, they are unknowingly bringing potentially vulnerable devices into facilities such as FitBits, cell phones, hearing aids, and more. These rogue devices exist inside healthcare facilities today and are potential beachheads for cybercriminals to launch attacks such as exfiltrating sensitive patient data, and voice.

The Invisible Dangers of RF Attacks

With wired networks, we can see what is connected to what and where the signals are going. RF connections are invisible within clinical environments and without visibility, IT teams have no way of knowing what’s connected to what in their environment.

Earlier this year, the FDA issued a warning on the SweynTooth vulnerability, in which attackers can use radio signals to bypass security and take control of or shut down BLE medical devices. The SweynTooth BLE vulnerability is particularly troublesome because it’s hard to locate all the devices in clinical environments using BLE. When BLE devices pair with another device, they stop advertising their existence. This means that most BLE devices are invisible in healthcare environments. Once attackers have a compromised device inside a healthcare facility, cybercriminals can then use it as a beachhead to attack other systems within the network. Even more troubling, devices can be compromised outside healthcare facilities unbeknownst to their users and then be carried in on the wrists or ears of innocent users.

The only protection healthcare corporations have against SweynTooth exploits is to find all the BLE devices operating in their facility and getting their firmware patched to the most recent version.

Protecting the Healthcare Industry from RF Risks

As wireless technologies become an important part of patient care transformation, how can healthcare facilities safeguard invisible threats that they can’t detect?

  1. RF Awareness: For starters, security professionals must understand what communication is taking place between devices in their airspaces, this is essential to safeguard their valuable data from preventing RF attacks.
  2. Evaluate RF Technology: Security teams need to evaluate RF products that will provide the ability to discover, locate and mitigate radio-borne threats to their assets, facilities and networks.
  3. Adopt RF Solutions: Traditional security technology cannot detect devices operating within the radio frequency. This makes it critical for healthcare facilities to deploy technology that detects devices in the corporate airspace in real-time, 24×7 and not just with a one-off annual security sweep. Deploying RF security technology will equip security teams with complete visibility to detect, identify and locate known and unknown devices to thwart risky radio frequencies.

Until addressed, exploitation of wireless devices in healthcare networks will continue to grow. Vulnerable wireless communications leave the door wide open for cyber crooks to launch a hack. It is up to the healthcare facilities to adopt and implement advanced RF security solutions to give their organizations a clean bill of health against potentially devastating RF attacks.

About The Author

Chris Risley, Bastille Networks