With October National Cybersecurity Awareness Month (NCSAM), Intertrust is publishing a series of posts that expand on the NCSAM theme “If you connect it, protect it!” The third week of NCSAM focuses on Securing Internet-Connected Devices in Healthcare. This week’s post discusses medical device and healthcare app security, offering six improvement tips.
Prior to this year, connected medical device and application use was growing at a rapid but steady clip. Their adoption has helped healthcare providers improve patient care, increase healthcare access, and drive operational efficiency. They also create a greatly expanded attack surface for hackers to target. Reports show that healthcare organizations are attacked at more than double the average rate of other industries.
That was all before the COVID crisis. The ongoing pandemic has drastically altered the connected healthcare landscape, accelerating the usage of telehealth and other remote healthcare delivery systems by as much as 11,000% for some populations. Not surprisingly, healthcare institutions have seen a corresponding rise in security breaches. And specifically, there has been “a sharp uptick in attacks on medical devices during COVID-19.”
There are multiple reasons that healthcare apps and devices face higher levels of threat, including:
- Medical records are far more valuable to hackers than other stolen data as they contain more information. They can go for over $1,000 on the black market.
- Time is of the essence in patient care and healthcare organizations may be more likely to capitulate to extortion demands such as in a ransomware attack.
- Staff need to access data on-the-go, from multiple devices, which may not be secure. One compromised device can expose the whole organization.
- Hospitals invest millions in devices that can become outdated and vulnerable in terms of security, but updating may not be feasible or possible and replacement is cost prohibitive.
How to improve medical device and healthcare app security
1. Regularly update devices and apps when possible, mitigate when not
It’s critical that medical devices and the apps they interact with are kept up-to-date. As mentioned earlier however, the high initial outlay of IoT medical devices means that their users, hospitals, and clinics are likely to keep using unsecure and legacy medical devices. For hackers, this presents a multitude of attack vectors, for example preying on the security flaws of an OS that is no longer supported.
When it is simply not possible to replace outdated devices with more secure alternatives, healthcare organizations should employ mitigation strategies. Stop devices from connecting online unless needed for operational purposes, exclude certain types of connections through an “allowlist” or “denylist,” and partition networks and traffic to protect devices and the broader network.
2. Harden code against reverse engineering
The uses of medical mobile applications are many—from heart monitors on a smartwatch, to apps that monitor and control connected medical devices such as insulin pumps, to conducting virtual doctor visits. No matter the application purpose, however, one of the best ways to improve healthcare app security is by hardening its source code against reverse engineering. Reverse engineering is the first step in nearly every attack on an application. Attackers use it to pinpoint vulnerabilities, discover trade secrets (IP), and extract credentials.
There are several methods that can be deployed to protect code from reverse engineering. These include:
- Code obfuscation: The addition of nonsense code, changing the code’s flow, flattening the code structure, altering metadata, and constantly updating and inserting new obfuscated code, all make the code harder to read.
- Diversified builds: By diversifying builds, cracking one application’s code won’t automatically compromise all other similar systems.
- Binary packing: By using a packer to encrypt and compress code, and only unpacking it during the execution of an application, static analysis can be almost entirely eliminated.
- Anti-debugging: Debuggers are a legitimate tool to check for coding flaws but hackers regularly use them to identify vulnerabilities they can exploit. Anti-debugging techniques detect the use of a debugger and take a defensive action.
3. Protect apps and devices from tampering
For healthcare applications, the consequences of code tampering can be dire. Besides the theft of highly sensitive medical records, altered patient information could lead to the wrong treatments, connected devices could be used to harm rather than help, and malicious inserted code could take down critical care systems. Medical application developers can embed various protections against code tampering:
- Jailbreak/rooting detection: An application’s code becomes more vulnerable on a rooted/jailbroken device as it removes the security safety net of the OS. An app should be able to detect when it’s being run on such a device.
- Integrity checking: The most effective anti-tampering technique consists of inserting overlapping checksums that check whether code or other checkers have been tampered with. When tampering is detected, the app takes defined defense actions.
- RASP / intrusion detection and response: Apps can protect themselves by executing a defense response when a tampering attempt is detected. For example, sending an alert, preventing execution of some commands, deleting sensitive data, or shutting the app down.
4. Secure IoT devices with PKI
Use public key infrastructure (PKI) to embed secure identities into connected medical devices so that they can be deployed, operate, and communicate securely. PKI functions by assigning private cryptographic keys, backed by a trusted security certificate, which can authenticate the device’s identity, encrypt and decrypt data, securely update device software and firmware, and manage other device lifecycle functions.
This ensures that only legitimate devices connect to a healthcare network and allows data to be transmitted securely so that even if someone steals the data in transit, for example through a man-in-the-middle attack, they won’t be able to decrypt it. It also allows the revoking of certificates for devices that have been compromised.
5. Protect application encryption keys
Since the proxy app, which accompanies an IoT medical device, is often a softer target for hackers than the device itself, healthcare app security is essential to keeping patient data safe. One tactic is to ensure that, when possible, sensitive data isn’t held by the app itself but on the server, which can be protected more robustly with firewalls.
When data must be stored in the app or device, it should be encrypted using industry-recognized key ciphers. Encrypted data, however, is only secure if the associated cryptographic keys are kept protected. Keys should never be hard coded into applications and should be stored using hardware-backed storage methods when possible.
When there is no hardware support, or where there’s the possibility an app could be running in a compromised environment, white-box cryptography should be employed. White-box cryptography also protects keys against side-channel attacks, which pose a serious threat to both medical devices and apps. Side-channel attacks use unintentional physical signals, such as heat, sound, or time-elapsed to help attackers crack an app or device’s private keys.
Building security into healthcare apps and devices
For any tech firm involved in manufacturing connected medical devices or apps, healthcare app security needs to be a core consideration. At Intertrust, our industry-leading security solutions protect millions of devices and applications around the globe.
- whiteCryption Code Protection uses advanced in-app defense mechanisms to secure healthcare applications from tampering and reverse-engineering.
- whiteCryption Secure Key Box protects cryptographic keys whether at rest, in transit, or in use, with industry-leading white-box cryptography.
- Intertrust Seacert certificate authority and managed PKI service that makes it easy to embed agile, scalable, and secure device identities to get your IoT projects up and running quickly and safely.
To find out more about our security solutions and how they help keep the healthcare field safe from attack, download our healthcare security white paper.
Want to speak to a healthcare security expert directly? We’re here to help—contact us today.
About Prateek Panda
Prateek Panda is Director of Marketing at Intertrust Technologies and leads global marketing for Intertrust’s application shielding and device identity solutions. His expertise in product marketing and product management stem from his experience as the founder of a cybersecurity company with products in the mobile application security space.