Anatomy of Medical Device Cyber Attacks

On Cyber Attacks

[By Bertran Mesko, MD PhD]

According to studies by PWC and the SANS Institute, 94% of healthcare organizations have been victims of a cyber-attack.

As we use more and more devices from smartphones to wearable sensors, your online privacy can have a very real impact on our health and well-being. When hacked, even simple wearables can yield private information about our vital signs and reveal personal health problems and insight into our habits (like when we regularly go running) that’s best kept from the public eye.

More threatening are the findings of security researchers who managed to prove that a deadly overdose of medication could be administered remotely via a vulnerability in certain insulin pumps.

HIT Dangers

Let’s see the dangers facing our health information, and a few easy tips you can use to boost your privacy levels quickly.


The dangers facing healthcare privacy


Arxan recently surveyed trends and dangers threatening the privacy of healthcare data.


Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact:


Dictionary of Health Insurance and Managed Care

Product DetailsProduct DetailsProduct Details



One Response

  1. TheDarkOverlord’s extortion which I discovered on Twitter three days ago, was no hoax after all.

    “Cyber extortion gang hits again, striking ABC, clinics across U.S. – The cybercrime gang known as The Dark Overlord appears to operate from an English-speaking country, although details are murky.” By Tim Johnson for McClatchy News, June 12, 2017.

    thedarkoverlord‏ @tdohack3r: “La Quinta Center for Cosmetic Dentistry refused our kind offer, so here’s their 6.300 records”

    The reporting of the tweet was intentionally delayed, I assume, to properly warn over 12,000 patients whose identities were posted on the internet. Perhaps the delay of reporting on publicly-available identities was prudent. If I were one of the thousands of dental patients whose identities are available I would certainly want to know about it before the word gets out.

    But then again, immediately is probably not soon enough: “FTC finds thieves attempt to use stolen data within 9 min of breach” By Robert Abel for SC Media, May 26, 2017.

    Neither is the 60 days HIPAA allows before providers must notify patients of a breach. Crime moves faster than HIPAA, and digital dental records have always been soft targets with huge payoff. Anyone interested in de-identification yet?

    Damn, I miss Justin Shafer. The security expert who has been publicly thanked by Homeland Security on 8 occasions for reporting software vulnerabilities affecting hundreds of thousands of patients sits in jail. The world misses you, Justin.

    D. Kellus Pruitt DDS


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: