preview

Nt1310 Unit 1 Term Paper

Better Essays
In this section we investigate attacks and threats to our primary devices. These attacks and threats are built off of the vulnerabilities the previous section and help to determine which security controls would be most valuable against future attacks. Healthcare Vulnerabilities can and will be used by attackers if activity tracking devices, insulin pumps, pacemakers, and other medical devices if they are not corrected by manufacturers. Attacks on healthcare IoT devices exposes the user to theft of their PHI and may potentially put the user’s life at risk. Given the device vulnerabilities discussed in the healthcare portion of section VI, attacks and threats must be analyzed to fully recognize the need to secure IoT devices in the healthcare…show more content…
These programmers communicate with the pacemaker via wireless radio frequency as well as telemetry to make device adjustments and monitor device functions. Physician programmers require no authentication to program pacemaker devices [15]. This is true for all pacemakers. The lack of required authentication is a point of concern because of the potential for risk. As was mentioned, pacemaker manufacturers warn of prolonged exposure to cellphones, metal detection systems, and other electrical devices for risk of misinterpretation by the pacemaker. The electrical impulses these devices emit could be read by the pacemaker as a heartbeat which could cause the device to malfunction or fail [17]. Deliberate attacks on pacemakers have been tested and provide troubling results. Within a 50-foot proximity, an attacker can deliver a lethal 830v jolt to a user’s heart from a laptop [13]. On the hard drives of two pacemaker devices both encrypted and unencrypted data was found by researchers for the technology research company WhiteScope. The researchers found that one unnamed pacemaker device stores unencrypted PHI such as patient and physician names, treatment data, and, most concerning, patient social security number [15]. This information can be collected and sold through black market
Get Access