Best listening experience is on Chrome, Firefox or Safari. Subscribe to Fed Tech Talk’s audio interviews on Apple Podcasts or PodcastOne
This week on Federal Tech Talk, host John Gilroy interviewed Michael Murray, founder and CEO of Scope Security. He offered insight on how devices in hospitals can be vectors for ransomware attacks.
This topic is important to the federal listener because the Veterans Health Administration is the largest health care system in the United States. By some estimates, it has 1,243 health care facilities and 170 VA Medical Centers. These facilities serve more than 9 million enrolled veterans. It will shock normal people when they think malicious actors are targeting hospitals.
During the interview, Murray provided shocking statistics about hospital cyber attacks. Quoting from a presentation he gave at a recent HIMSS conference, he claimed that 25% of hospitals have suffered a breach in the last three years.
One attack vector is older equipment that has not been upgraded or patched. Many attacks target known vulnerabilities — the typical hospital is full of older equipment. Budgets are tight and medical gear can be prohibitively expensive — for example, new MRI equipment can cost $1.2 million.
He went on to talk about the severely constrained budgets of most hospitals. As a result, they cannot afford to patch their internet of things devices for known weaknesses. Even if they could, there are many IoT devices in today’s hospital that can’t be patched — as many as 76%, he estimated.