Cybersecurity and IoT: Health Care and Well-Being in our Shared Spaces

Last updated: 07/07/2021

As the extraordinary situation of the COVID-19 crisis continues and more such supervirus incidents will occur, the benefits that IoT can provide will be even in more demand.  We are already seeing how IoT plays a significant role in modernising healthcare and disaster prevention, public safety and security, supply chain, and manufacturing and production.  

The Good We’ve Seen

In Hong Kong, the government has deployed smart wristbands to monitor city residents1 quarantined inside their homes.  Accelerating the timely discovery of outbreaks, these smart medical devices, powered with internet of things (IoT) technology, play an important role in containment of outbreaks like COVID-19 and prevent future pandemics.

Prior to COVID-19 pandemic, Japan was preparing for Tokyo 20202, the smartest Olympics ever with self-driving cabs to transport guests between sports venues, robotic guides, immersive virtual reality and crowd control directed by artificial intelligence.  Getting ready to welcome 11,000 athletes with 4 to 7 million on-site spectators from Japan and all over the world, this would have been a wonderful showcase of IoT tech and applications from a country that is already a technological leader in robotics and consumer electronics.  Unfortunately, the event is postponed 12 months, though the Olympic Committee resolves to have the games, it’s not clear how much of IoT tech applications will be used.

As public venues have been opening up in the past several weeks, there is a serious challenge of getting business going and the health and safety of people using the same facilities.  How can public toilets be kept safe and clean for everyone to use?  A common need at medical centres, restaurants, shopping malls, and any city where visitors would rely on public toilets. One new IoT company on the scene, Inferrix, has a solution for the “COVID Secure Washroom”, as described on their website: Inferrix wireless edge-intelligent sensors on the washroom doors show a red light to alert visitors if the washroom is unsafe to use. Any washroom can be installed in less than 1 hour.  We can easily imagine its application to be useful in office spaces near shared kitchen areas or study areas of public or university libraries as well.

When we reflect on the role that IoT played over the course of the pandemic, there are more notable instances. For example, telehealth consultations meant that there was a reduced risk of transmission that would otherwise have been prevalent with face to face consultations. Secondly, robot assistance is used to disinfect contaminated areas and objects, both protecting health carers and giving health carers more time to care for their patients. China was the first country to use Danish made UVD robots using IoT and help to disinfect treatment areas in nursing homes and clean patient rooms.

The Not So Good

In a 2019 study of security of IoT devices3, data revealed that more than twice the number of vulnerabilities were detected compared to six years earlier.  As covered in in our last blog post, cyber attacks from IoT risks have surged 300% and the UK and US are catching up on regulations to ensure companies safeguard devices. In March 2020 researchers found4 that more than half of all internet of things (IoT) devices are vulnerable to medium- or high-severity attacks, with 98% of all IoT device traffic being unencrypted.

As we’ve seen during the COVID-19 crisis, even when everyone else was rallying together, cyber criminals targeted vulnerable organizations in the health sector: data-stealing ransomware on US pharma company5 and Europe’s largest private hospital6, Czech republic hospital’s computer systems were attacked when their focus was on running coronavirus tests, and in the UK two construction companies building emergency hospitals were hacked7.

Such attacks can become more sophisticated and more dangerous to individuals using new health technology apps and devices used to provide medication or daily survival needs.

Bringing Tech Out for Good

Connected devices are available using cellular connectivity which are allowing doctors to rely on patients to use connected out-of-the-box devices for special readings to be sent directly to the doctor from the device (temperature, blood pressure, glucose meters).   Such technology is not limited to medical practitioners and is already available for anyone.  A user created a smart system to monitor his diabetic brother’s blood sugar8 (glucose) levels using an app, a data logging platform that processed data from his brother’s glucose sensor to make his own healthcare monitoring system.

Similarly, Australia saw its first ‘virtual hospital’9 open shortly before the COVID-19 pandemic hit through Royal Prince Alfred Hospital (RPA) in Sydney. Data from pulse oximeters used to measure oxygen saturation levels and heart rates along with armpit patches to track temperature were transmitted to the hospital. In addition, video-consultations allow coronavirus patients to receive the care they need without the risk of transmission. 

Recently, we have seen evidence of health providers recognise the risks surrounding IoT devices and the need to incorporate security standards to protect against malicious hackers. For example, University Hospitals of North Midlands NHS Trust has opted to trust Ordr with providing a systems control engine (SCE)10 which will locate and secure every connected device. This includes Internet of Medical Things (IoMT), Internet of Things (IoT) and Operational Technologies (OT) devices.

Security, safety, and data privacy considerations are important aspects of designing, building and maintaining such systems to protect the identity and well-being of the individual.  We’d hate to think about incidents where devices give wrong information due to a malicious actor – getting the wrong medication, dosage, or advice could have serious, even lethal consequences.  Having IoT devices and apps to create a safer world requires more scrutiny and protective measures designed as part of the solution.  As many of these solutions will be designed for one person’s use, customised to their medical needs or specific daily routines, it’s essential they are maintained, updated, and when no longer maintainable that they are properly turned off and disposed of.

Check out IoT For All Podcast with Christopher Schouten of Kudelski Group11.  He talks about necessary considerations to secure IoT projects, making sure they can scale as well as be practical in protecting what is valuable. 

Although the transformational journey to an IoT world seems daunting, the capabilities of IoT to bring high-tech care and consultancy out of the clinic and into homes and vulnerable communities across the world presents a thrilling opportunity.  Health care and IT experts, technicians, research scientists and security experts are collaborating, as are carers, policy makers and administrators.  Altogether, the confluence of tech and human intelligence will continue to evolve and strive to protect all that is worth protecting.  COVID-19 and cybercrime are making seismic shifts in worldwide health and safety, threatening our prosperity. Let’s defend the world, use technology for good and build the world we want.

If you are a developer or have a software development team using open source components, learn how  Meterian automates monitoring of software applications for open source risks and vulnerabilities.  Read about Meterian-X: Invisible Security for your Open Source Security Management in IoT systems and devices.

1 Doffman, Zak. “Coronavirus Police Surveillance Tags Are Now Here: Hong Kong First To Deploy.” Forbes, 17 March 2020, https: //www.forbes.com/sites/zakdoffman/2020/03/17/alarming-coronavirus-surveillance-bracelets-now-in-peoples-homes-heres-what-they-do/?sh=227b12984533

2 Hallet, Rebecca. “Tokyo on track for smartest Olympics ever”. Raconteur, 20 February 2020, https ://www.raconteur.net/technology/internet-of-things/iot-tokyo-2020/

3 Coble, Sarah. “Vulnerabilities in IoT Devices Have Doubled Since 2013”. Info Security, 17 September 2019, https ://www.infosecurity-magazine.com/news/vulnerabilities-in-iot-devices/.

4 O’Donnell, Lindsey. “More Than Half of IoT Devices Vulnerable to Severe Attacks”. threat post, 11 March 2020, https:// threatpost.com/ half-iot-devices-vulnerable-severe-attacks/153609/.

5 Whittaker, Zack. “Hackers publish ExecuPharm internal data after ransomware”. Tech Crunch, 27 April 2020, https: //techcrunch.com/2020/04/27/execupharm-clop-ransomware/.

6“Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware”. KrebsonSecurity, 6 May 2020, https: //krebsonsecurity.com/2020/05/europes-largest-private-hospital-operator-fresenius-hit-by-ransomware/.

7 “Coronavirus: Cyber-attacks hit hospital construction companies” BBC News, 13 May 2020, https: //www.bbc.co.uk/news/technology-52646808.

8 Anx, Quintessant. “Healthcare IoT: Monitoring Diabetes with Logz.io” Logz.io, 11 December 2018, https: //logz.io/blog/healthcare-iot-monitoring/.

9 Minion, Lynne. “‘Flattening the curve’ with virtual care in Australia'” Healthcare IT News, 30 June 2020,  https: //www.healthcareitnews.com/news/europe/flattening-curve-virtual-care-australia

10 Crouch, Hannah. “University Hospitals of North Midlands deploys Ordr cyber security solution”. digital health, 6 May 2021, https: //www.digitalhealth.net/2021/05/university-hospitals-of-north-midlands-ordr/

11 “Security Challenges in the IoT Landscape | Kudelski Group’s Christopher Schouten”. iot for all, 5 May 2020, https: //www.iotforall.com/podcasts/e064-iot-security-considerations.

Cybersecurity and IoT: Health Care and Well-Being in our Shared Spaces

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s