Tips for Improving Security in Medical Devices

Connecting your medical device to stuff? Good. Secure those communication channels, though!👇 Device connectivity has benefits for patients, physicians, and manufacturers. But it also results in cybersecurity vulnerabilities that can be exploited. Threat actors (bad guys) have varying motivations: from harming a specific patient to attacking an entire network to extract ransom. At a high level, they use three tactics to cause harm: ↳ Steal data ↳ Disable functionality ↳ Hijack devices (one or many at a time) They do this through various tactics described below. An important step in preventing these tactics is to identify your system's communication channels and understand their vulnerabilities. Here are some common attacks for various channels and examples of mitigation strategies: 𝗠𝗮𝗻-𝗶𝗻-𝘁𝗵𝗲-𝗠𝗶𝗱𝗱𝗹𝗲 (𝗠𝗜𝗧𝗠) 𝗔𝘁𝘁𝗮𝗰𝗸𝘀: Intercepting and modifying communication between a device and its connected system. ↳ Mitigation: Use strong encryption (e.g., TLS) and certificate-based mutual authentication. ↳ Channels: BLE, Wi-Fi, Cellular, Ethernet 𝗝𝗮𝗺𝗺𝗶𝗻𝗴 𝗼𝗿 𝗦𝗶𝗴𝗻𝗮𝗹 𝗜𝗻𝘁𝗲𝗿𝗳𝗲𝗿𝗲𝗻𝗰𝗲: Overwhelming communication channels with noise to disrupt connectivity. ↳ Mitigation: Use frequency hopping or spread-spectrum techniques and monitor for signal anomalies. ↳ Channels: ISM, BLE, Wi-Fi 𝗗𝗮𝘁𝗮 𝗘𝘅𝗳𝗶𝗹𝘁𝗿𝗮𝘁𝗶𝗼𝗻: Unauthorized access and extraction of sensitive data. ↳ Mitigation: Encrypt all data in transit and use intrusion detection systems (IDS). ↳ Channels: Wi-Fi, BLE, Cellular, Ethernet, Serial 𝗥𝗲𝗽𝗹𝗮𝘆 𝗔𝘁𝘁𝗮𝗰𝗸𝘀: Reusing intercepted data packets to mimic legitimate actions. ↳ Mitigation: Use time-stamped or sequence-numbered communications and nonce-based protocols. ↳ Channels: BLE, NFC, Serial 𝗨𝗻𝗮𝘂𝘁𝗵𝗼𝗿𝗶𝘇𝗲𝗱 𝗔𝗰𝗰𝗲𝘀𝘀: Gaining control or access to a device without proper authorization. ↳ Mitigation: Enforce strong authentication and secure physical access points. ↳ Channels: Serial, USB, BLE, Ethernet 𝗥𝗼𝗴𝘂𝗲 𝗕𝗮𝘀𝗲 𝗦𝘁𝗮𝘁𝗶𝗼𝗻𝘀 𝗼𝗿 𝗙𝗮𝗸𝗲 𝗔𝗰𝗰𝗲𝘀𝘀 𝗣𝗼𝗶𝗻𝘁𝘀: Tricking devices into connecting to malicious networks to steal or manipulate data. ↳ Mitigation: Verify network authenticity and use private APNs or trusted certificates. ↳ Channels: Cellular, Wi-Fi 𝗠𝗮𝗹𝘄𝗮𝗿𝗲 𝗜𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻: Installing malicious code to compromise device functionality. ↳ Mitigation: Use endpoint protection and digitally sign firmware and software updates. ↳ Channels: USB, Serial, BLE, Wi-Fi, Cellular, Ethernet 𝗦𝗽𝗼𝗼𝗳𝗶𝗻𝗴 𝗔𝘁𝘁𝗮𝗰𝗸𝘀: Impersonating a legitimate device or user to gain unauthorized access. ↳ Mitigation: Use cryptographic identity verification and device whitelisting. ↳ Channels: BLE, Wi-Fi, Cellular, Ethernet There are many other cybersecurity threats, but it all starts with communication channels. So secure those channels! And if you have any cybersecurity horror stories or worries, drop them in the comments.

Cybersecurity testing is crucial for demonstrating that the controls you've implemented are effective in a real-world security context. 🔬 FDA expects to see a comprehensive and well-documented cybersecurity testing program in premarket submissions. A common FDA objection in this area is: "you did not provide adequate cybersecurity testing which is important to comply with the requirements specified in section 524B(b)(2) of the FD&C Act to provide a reasonable assurance that the device and related systems are cybersecure." This highlights the need to go beyond standard software testing and include specific cybersecurity testing activities. The FDA guidance, "Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions," provides helpful recommendations on cybersecurity testing (page 26). This includes testing activities such as requirement verification, threat mitigation, and vulnerability testing (including fuzz testing, vulnerability scanning, and penetration testing). Remember to provide detailed test reports that clearly demonstrate the effectiveness of your controls in mitigating identified threats. 📑 This helps build confidence in the safety and security of your device.

Security researchers found over 1.2 million medical IoT devices leaking patient data, including 174,000 in the U.S. It feels like every week there’s a new IoT vulnerability that could have been avoided. In 2025, it’s surprising to keep seeing the same mistakes. Here’s what medical device manufacturers should always do: ✔ Devices that do not have a clear reason to be on the open internet should never be reachable there. Use private networks, VPNs, or other protections. ✔ Make it possible for IT teams to keep hundreds of different device types up to date without juggling unique schedules and tools for each one. ✔ Ship devices with unique passwords and secure defaults from the factory. If security depends on users remembering to change a setting, it isn’t strong enough. My hope is that by next year, headlines like these are the exception, not the rule. https://lnkd.in/efu35gMV