Please do not leave this page until complete. This can take a few moments.
A major vulnerability in DNA sequencing equipment was discovered, highlighting the risks of cyberattacks on medical devices. The vulnerability was found, of all things, in DNA sequencing equipment made by San Diego biotech firm Illumina; discovered by its security team and subsequently patched. Such an intrusion could expose sensitive patient data or allow threat actors to alter genetic data or diagnostic testing results.
DNA sequencing is a powerful tool that has revolutionized the field of biology. It has allowed scientists to identify genes, understand how genes work, and diagnose and treat diseases. DNA sequencing is used to develop new personalized medicines tailored to the individual's genetic makeup.
Anything touching DNA is a serious privacy concern, but it is also a concern for digital forensics and custom cancer treatments. An attacker could taint evidence of a crime, mess with someone's life-saving medical treatment, or cast doubt on a device manufacturer, which would pose an integrity attack.
A vulnerability in DNA sequencing equipment could allow adversaries to gain access to sensitive patient data and use it to commit identity theft, fraud, or to take control of DNA sequencing equipment. This could allow threat actors to disrupt the equipment, which could have an impact on patient care.
Other manufacturers of medical devices need to take stock and take retaliatory measures such as compliance readiness and penetration testing to assess, prepare, and guard against vulnerabilities. Like computer networks, medical devices too are increasingly being connected to the internet, which makes them more risk-prone.
Cyberattacks on medical devices are on the rise. A 2021 report from the U.S. government found healthcare accounts for nearly a quarter of cyberattack events, the most of all industries. This trend is expected to gain momentum as medical devices become more software-driven and cloud-connected.
In response to these threats, a bipartisan bill sponsored by Sen. Bill Cassidy (R-LA) in April 2022 called the Protecting and Transforming Cyber Health Care (PATCH) Act, would require medical device manufacturers to ensure the cybersecurity of their devices. These requirements include conducting risk assessments, developing security plans, implementing policies to respond to cyber threats, and reporting security incidents like ransomware attacks.
The security guidelines below apply equally to health care and other industries, including small businesses:
• Implement security controls like firewalls, threat response, and intrusion detection systems.
• Regularly patch software and automate the updating of operating systems.
• Educate staff on cybersecurity best practices, including regular security awareness training to help identify, block, and report phishing scams.
• Conduct quarterly risk assessments and penetration testing.
• Have a mitigation plan in place, including a contact list of first responders in the event of cyberattack.
The PATCH Act is a significant step forward in the effort to protect patients from the risks of cyberattacks on medical devices. The bill is currently being considered by the Senate Health, Education, Labor, and Pensions Committee.
Stay connected! Every business day, WBJ Daily Report will be delivered to your inbox by noon. It provides a daily update of the area’s most important business news.
Sign upWorcester Business Journal provides the top coverage of news, trends, data, politics and personalities of the Central Mass business community. Get the news and information you need from the award-winning writers at WBJ. Don’t miss out - subscribe today.
SubscribeWorcester Business Journal presents a special commemorative edition celebrating the 300th anniversary of the city of Worcester. This landmark publication covers the city and region’s rich history of growth and innovation.
See Digital EditionStay connected! Every business day, WBJ Daily Report will be delivered to your inbox by noon. It provides a daily update of the area’s most important business news.
Worcester Business Journal provides the top coverage of news, trends, data, politics and personalities of the Central Mass business community. Get the news and information you need from the award-winning writers at WBJ. Don’t miss out - subscribe today.
Worcester Business Journal presents a special commemorative edition celebrating the 300th anniversary of the city of Worcester. This landmark publication covers the city and region’s rich history of growth and innovation.
In order to use this feature, we need some information from you. You can also login or register for a free account.
By clicking submit you are agreeing to our cookie usage and Privacy Policy
Already have an account? Login
Already have an account? Login
Want to create an account? Register
In order to use this feature, we need some information from you. You can also login or register for a free account.
By clicking submit you are agreeing to our cookie usage and Privacy Policy
Already have an account? Login
Already have an account? Login
Want to create an account? Register
This website uses cookies to ensure you get the best experience on our website. Our privacy policy
To ensure the best experience on our website, articles cannot be read without allowing cookies. Please allow cookies to continue reading. Our privacy policy
0 Comments