Report: Ransomware Attacks on IoT Medical Devices Will Likely Increase | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Report: Ransomware Attacks on IoT Medical Devices Will Likely Increase

November 29, 2016
by Heather Landi
| Reprints
The Intel Security report also predicts that the volume and effectiveness of ransomware attacks will go down in the second half of 2017

Cyber attackers are increasingly breaching Internet-enabled medical devices using ransomware and this is likely to continue for the next two to four years, according to Intel Security’s recent McAfee Labs 2017 Threats Predictions Report.

According to the threat predictions report, in which Intel Security interviewed 31 security thought leaders, while it is not currently known why attackers are breaching medical devices that collect patient data, the attacks are happening and medical data is being exfiltrated.

“More ominously, medical devices that monitor and control human systems—including pacemakers, insulin pumps, and nerve stimulators—are all becoming Internet enabled. Unethical attackers will see these medical devices as the next step in their journey beyond hospital ransomware attacks. Hospitals are successful ransomware targets partly because they need immediate access to information. A pacemaker is an ultimate example of the need for immediate access, so attackers will attempt to find vulnerabilities in these devices as they become Internet enabled and will be able to extort a great deal of money if they are successful,” the report authors wrote.

The prediction about attacks on Internet-enabled medical devices is just one of 21 predictions in the report regarding Internet of Things (IoT) security threats, legal actions and vendor responses in the next four years.

According to the Intel Security report, IoT threats and breaches will prompt political and regulatory responses. “The speed of technology advancement will hinder effective legislation, and vice versa. Differing and even contradictory regulations among countries will make things more difficult for consumers, device manufacturers, and service providers,” the report authors wrote.

Intel Security’s researchers also note that it is possible that hackers understand the consequences of attacking hospitals and other critical infrastructure and pose the question of whether there is “honor among thieves.”

“After a recent ransomware attack on a California hospital, some members of the hacker community belittled the attackers as the “dumbest hackers ever, like they couldn’t hack anything else,” and “if someone were to die or be injured because of this it is just plain wrong.” As unlikely as it sounds, hackers usually have some degree of compassion. As financially appealing as some IoT attacks appear, the potential to cause injury or death will make some of them think carefully about their actions and limit the number and severity of attacks,” the report authors wrote.

Broadly, the Intel Security threat predictions report outlined 14 threat trends to watch in 2017. Intel Security researchers predict that ransomware will remain a significant threat and will peak in the middle of next year. “Ransomware-as-a-service, custom ransomware for sale in dark markets, and creative derivatives from open-source ransomware code will keep the security industry busy through the first half of the year,” the report authors wrote.

However, on a slightly positive note, the researchers predict that ransomware’s impact across all sectors and geographies will force the security industry to take decisive actions and the volume and effectiveness of ransomware attacks will subside in the second half of 2017. “We predict that initiatives like the No More Ransom! collaboration, the development and release of anti-ransomware technologies, and continued law enforcement actions will reduce the volume and effectiveness of ransomware attacks by the end of 2017,” the report authors wrote.

The 13 other industry-spanning threat predictions from Intel Security include”

  • Vulnerability exploits on Windows cools down as other platforms heat up
  • Hardware and firmware threats an increasing target for sophisticated attackers
  • “Dronejacking” places threats in the sky – researchers cite an example of a drone outfitted with a full hacking suite that would allow it to land on the roof of a business and attempt to hack into the local wireless network
  • Mobile threats to include ransomware, RATs, compromised app markets
  • IoT malware opens a backdoor into the home
  • Machine learning accelerates social engineering attacks
  • The explosion in fake ads and purchased “likes” erodes trust
  • Escalation of ad wars boosts malware delivery
  • Hacktivists expose privacy issues
  • Law enforcement takedown operations put a dent in cybercrime
  • Threat intelligence sharing makes great strides. “The Cybersecurity Information Sharing Act provides legal foundations for sharing threat intelligence between the US government and the private sector, and between private sector organizations with liability protection extending to the sharing entities. With this liability protection now afforded them, American corporations are evaluating their sharing polices. We should see much more threat intelligence sharing in 2017,” the report authors wrote.
  • Cyber espionage: industry and law enforcement join forces
  • Physical and cyber security industries join forces


Regarding security challenges, the Intel Security report authors concluded, “Increasing our threat defense effectiveness throughout the security industry will be key to staying ahead of the adversaries. It is critical that multiple industry participants work together to solve big-picture problems that cannot be addressed by simple patches or software updates. We need to share information more broadly among industry leaders to not only give us greater volume and detail in telemetry, but also aid in deception techniques. By increasing our use of predictive analytics, improving security visibility with both organizational assets and decentralized data, and reducing our use of dedicated agents, we can increase our effectiveness in the threat defense lifecycle.”

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Boston Children's Accelerates Data-Driven Approach to Clinical Research

In an effort to bring a more data-driven approach to clinical research, Boston Children’s Hospital has joined the TriNetX global health research network.

Paper Records, Films Most Common Type of Healthcare Data Breach, Study Finds

Despite the high level of hospital adoption of electronic health records and federal incentives to do so, paper and films were the most frequent location of breached data in hospitals, according to a recent study.

AHA Appoints Senior Advisor for Cybersecurity and Risk

The American Hospital Association (AHA) has announced that John Riggi has joined the association as senior advisor for cybersecurity and risk.

Report: Healthcare Accounted for 45% of All Ransomware Attacks in 2017

Healthcare fell victim to more ransomware attacks than any other industry in 2017, according to a new report from global cybersecurity insurance company Beazley.

Study: Use of EHRs Does Not Reduce Administrative Costs

A recent study by Duke University and Harvard Business School researchers found that costs for processing a single bill ranged from $20 for a primary care visit to $215 for an inpatient surgical procedure, or up to 25 percent of revenue.

Kibbe to Step Down as CEO of DirectTrust

David Kibbe, M.D., M.B.A., announced he would step down as president and CEO of DirectTrust at the end of the year.