Cybersecurity Insight

Are You The Next Medjacking Victim?

25 Oct

IoT-connected devices are in the news for all the wrong reasons lately – and this particular one is a doozy. “Medjacking” isn’t a term often found in the day-to-day lexicon but it should be, especially since it could become a matter of life or death.

Potentially affecting devices like pacemakers and x-ray machines, medjacking is defined as hacking into a device with the express intent to harm the patient being treated. Once a tall tale, it has become a serious concern to the point that the FBI issued a warning this past year to current and future patients, along with medical facilities utilizing these IoT-connected devices. Still not convinced? Imagine that a hacker weaseled their way into your loved ones pacemaker, an instrument essential to their livelihood. In exchange for releasing their control, they demand an exorbitant amount of money for the ransom payment. This situation could easily become a reality if proper security protocols are not taken by device companies, the hospitals that use them and the patients that rely on them every day.

After receiving a heart defibrillator, former Vice President Dick Cheney immediately had the wireless option disconnected and cited medjacking as his reasoning for doing so – keep in mind that was in 2007. Considering the leaps and bounds both hackers and cyber security protection options have taken, now is the time to consider the options organizations and patients have to protect themselves before it’s too late. On the patient side, knowing whether the device has wireless capabilities is half the battle. If that is the case, understand whether that feature can be turned off, or if it can’t, how to properly safeguard the device. For larger medical organizations dealing with IoT-connected devices within their office walls, having a managed and monitored cyber security services provider will not only allow for a fully secured environment, but lends itself toward the ideal of a firm that is able to grow and expand without the hinderance of a possible cyber attack.