COVID-19 and the Security of Medical IoT Devices

By on

Click here to learn more about author Harsh Arora.

The global pandemic has affected the digital space in a drastic way. There were times when people used to be afraid when they were told to be digital, and now, we don’t have much of a choice. The current crisis has prompted the medical sector to utilize every kind of technology for the best of its patients, and one of these is the use of medical or healthcare IoT.

What Is Medical or Healthcare IoT?

IoT means the internet of things, and medical IoT is just one branch of it. It refers to the sharing and collecting of data with minimal intervention from humans. The usage of applications and devices which ease the tension and give appropriate data and analyses is the need of the hour.


Choose from a wide range of on-demand Data Management courses and comprehensive training programs with our premium subscription.

As the use of technology has always been better and more advanced than traditional means, medical IoT has helped the healthcare sector in a number of positive ways. Devices like the massage gun used in physiotherapy, smart inhalers for people with asthma, or connecting an IoT monitor to machines (which would report if they require maintenance or any repairs) have helped the medical sector improve their services in a lot of ways.

Coronavirus and Medical IoT

In the wake of the coronavirus, medical IoT companies have now started to deliver solutions to cope with the increasing requirement for efficient, high-quality services. One tool used to help mitigate the rapidly-spreading pandemic is the medical connectivity that is helping the entire sector by providing smart solutions to hospitals, pharmaceutical companies, and the development of vaccines in labs.

There are apps like Telemedicine, which helps to monitor the patient remotely, and interactive medicine, which provides inpatient monitoring. These can help in social distancing, which is hugely important right now.

Suppose advancements are being made in any industry. In that case, it calls for secure connections, enhanced storage, and the ability to store massive amounts of data to protect industries from backtracking.

Many hospitals and other medical care facilities had already started to make more use of IoT services prior to the pandemic (starting in 2019). Unfortunately, many of these devices are not yet ready in terms of security.

This is not new, but the sensitivity of the current crisis has made the experts think about this more than usual.

Below we outline how some of these IoT devices are helping to fight coronavirus and what some security concerns around them may be:

  • There are many IoT systems that were already in place before the pandemic began, and now these devices are struggling to accommodate the historic surges in demand. This is happening because many of these hospitals failed to maintain a good cybersecurity record. Reports have stated that the number of ransomware and various other cyberattacks have climbed all around the world, and the medical industry is one of the industries topping the list.
  • Researchers in Israel recently claimed that they were going to produce a digital virus that will have the capacity to add fake tumor reports in CT and MRI scans to fool doctors into issuing false diagnoses for high profile patients.
  • Healthcare sectors have been showing a lot of concern regarding cybersecurity, which is affecting the healthcare systems and doctors who are concerned about their patients’ health.
  • While the facts demonstrate that over-eager security conventions can hinder the working of medical IoT systems or make them too complex for professionals to utilize them adequately, in all truth, cybersecurity and a patient’s wellbeing are closely connected. Research shows us that data gaps in hospitals can increase someone’s mortality rate by 30 days. So, it’s important that our healthcare professionals prioritize the importance of cybersecurity.
  • Another related problem that takes place is when patients are given access to use and monitor medical IoT devices via their smartphones. This does empower patients’ monitoring systems, but it also increases the chances of attacks via these systems.

Not everyone is aware of how to secure their smartphones, and giving them access to such sensitive platforms is a big threat the system can face. For instance, modern insulin pumps can be attached to a patient’s smartphone with the help of an unsafe Bluetooth protocol. This can ultimately lead to an easy attack due to poor cybersecurity.

Problems like these are very stressful for the system, and due to the ongoing pandemic and need for immediate results, many pharmaceuticals suppliers have shown interest in ruling out patient-focused healthcare IoT solutions altogether.

What Can Be the Possible Solutions?

For IoT engineers, it’s going to be a tough job, but improvising on these security issues is a must if the industry wants to gain any success in the near future. It’s not as if efforts have not been made to improve this technology and make things better and easier for everyone.

An FDA guide published in 2016 states that all the data which is stored in healthcare IoT should be encrypted when at rest and also during transit. This will ensure the patient’s data will be effectively protected from hackers and other security breaches. The problem with this solution is that not a lot of devices can be encrypted.

The reason not all devices can be encrypted is that most IoT device manufacturers have compromised the cost of security over connectivity, so they cannot encrypt and decrypt the data as they lack computing power.

It is suggested that IoT engineers start thinking a little more realistically and take a more practical approach to meet the appropriate levels of security needed in the field of medicine. Focusing on the loopholes in the existing systems should be considered the first step towards improving the security of these devices, especially for hospitals. Most of the engineers in this situation have turned towards air gapping, which helps by truly isolating secure and non-secure domains.

Leave a Reply

We use technologies such as cookies to understand how you use our site and to provide a better user experience. This includes personalizing content, using analytics and improving site operations. We may share your information about your use of our site with third parties in accordance with our Privacy Policy. You can change your cookie settings as described here at any time, but parts of our site may not function correctly without them. By continuing to use our site, you agree that we can save cookies on your device, unless you have disabled cookies.
I Accept