Read the book Do No Harm - Matthew Webster - Page 34
Wireless
There are multiple types of wireless connections for medical devices. The full range of wireless connectivity includes Wi-Fi, near-field communications (NFC), cellular, Bluetooth, and occasionally RFID. All have their strengths and weaknesses—especially when you consider the potential 20-year life span.
Wi-Fi is particularly attractive for many of the remote monitoring capabilities built into connected medical devices. There is an easy bridge to the internet, which means the system can be monitored in the cloud (more on the cloud in a while). From there, hospitals, doctors, and patients can be alerted at a moment's notice if there are any issues. As a result of COVID-19, the wireless technologies are gaining in popularity—especially as they relate to telemedicine. They are also important for some hospitals that have rooms that block cellular service (as a byproduct of blocking other systems).
Over Wi-Fi's comparatively long history there have been a great number of improvements, not only from the functional standpoint, but also with regard to security. The precursor to Wi-Fi, Wavenet, was created back in 1991—just after the dawn of the internet. Wireless signals were not encrypted back then. It would not be until 1997 that Wired Equivalent Privacy (WEP) was created and included with Wi-Fi devices. It had a 10- or 26-digit key written in hexadecimal, but with modern technology WEP can be hacked in under a second. What replaced WEP is Wi-Fi Protected Access or WPA. This was back in 2003. Now WPA has had several different iterations—WPA, WPA2, and WPA3. WPA3 was most recently included in modern Wi-Fi devices in 2018. The upgrades in encryption are substantial between the versions, but each one was replaced partially because vulnerabilities were discovered in the system.
Vulnerabilities are not the only problem with Wi-Fi. Configuration is also a huge problem. Many systems are configured to be encrypted. This is important because anyone in range can sniff the traffic over that connection. Having performed many Wi-Fi assessments myself, I know it is a very common problem. Interestingly enough, I was just reading about a case where the FBI warned against using hotel Wi-Fi for work purposes because of the often-lax security standards in Wi-Fi configurations.21 Not every company gets Wi-Fi security right. Combine this with hospitals using IoMT systems for extended periods of time, and old insecure protocols in Wi-Fi are required to support older devices.
But let us switch to cellular systems. Right now, we are seeing the shift from 4G cellular technology to 5G technology. For many devices switching from one technology to another is not a huge challenge—often, but not always, it is a feature that can be plugged into a motherboard that can be easily replaced. But, as you may have guessed, cellular technologies are not without vulnerabilities that can be easily exploited. Among the devices accessible on the black market are “Stingrays,” which are also known as International Mobile Subscriber Identity (IMSI) catchers.22 They are capable of interfering with cellular communications. From a hospital's perspective this is extraordinarily dangerous because some of their systems are dependent on cellular communications. In security shorthand, this is an attack on availability.
Another weakness in cellular technology is something referred to as SS7 and the IP version of the protocol known as SIGTRAN—protocols designed more than a decade ago. They were designed without consideration for modern security. No one had envisioned the widespread use of wireless technology. The current 4G protocol is based on Diameter. Diameter, without getting too technical, is a protocol that enables validation of technology, and sometimes users, over a network. Now it is built on the internet protocol, but is essentially only marginally better. But what is worse, in early 2019, a new flaw was discovered that allows attackers to intercept calls and track phone locations. This is true for both 4G and 5G cellular service,23 despite the newer protection in 5G.24
Several more pages could be devoted to exploring the intricacies of vulnerabilities in cellular service, but the point here is that cellular technologies also have vulnerabilities as a key aspect of the technology. But let us turn our attention to short-distance wireless communication—with exceptions, this typically means Bluetooth. Bluetooth development was initiated in 1989 by Ericsson Mobile in Sweden. The purpose of Bluetooth was essentially for wireless headphones. Of course, the uses for Bluetooth have expanded well beyond that (yes, including medical devices) to the point where it is almost ubiquitous around the world. What is unique about Bluetooth compared to other technologies is that it is easy to trick users into allowing a connection to a device. This process is so common that it has a name—BlueSnarfing. This brings the fallible human element to the security of systems in the environment. But what is more alarming is the sheer number of vulnerabilities that have appeared over the years. At the moment of writing this, in 2020 alone there have been 49 vulnerabilities found in Bluetooth. Many of the vulnerabilities allow for access to the full system. Four of them are from the applications designed to help with COVID.25
If you extend the timeline back to 2002 when the MITRE corporation was publicly tracking the vulnerabilities, at the time of this writing, there were 388 vulnerabilities. As fantastic as MITRE is, this is far from a complete list. For example, on March 3, 2020, the FDA released a warning about a set of vulnerabilities known as “SweynTooth.” SweynTooth affected certain medical devices that utilized Bluetooth Low Energy—in particular, pacemakers, glucose monitors, ultrasound devices, electrocardiograms, and monitors. This was not listed by MITRE.26 In a worst-case scenario the vulnerability can stop a device from working, or allow an attacker to access the device functionality, which is usually available only to authorized users.27 While the attack would have to be within a few feet, the Homeland scenario of stopping a pacemaker does not seem so farfetched.
The SweynTooth family of vulnerabilities was linked in part to manufacturers of microchips. Think of a microchip as a tiny part of a motherboard. This means that the fault may not be with the makers of the motherboards, but with some of the companies that help with subcomponents of the motherboards. The challenges from a security standpoint are widespread to say the least.
NFC has a very short range—roughly 4 inches. As a result, it has a very unique place within the arena of connected medical devices. Some of the applications of NFC include logical access to medical information, Intelligent ID bracelets, tagging of medications, physical access, and so on.28 The tagged ID bracelets and other such items do not store medical information. That reduces the risk considerably, which is a good thing because there is no authentication within NFC. The risks concerning NFC generally are around two devices in active mode—where information can be transferred. For many uses, NFC is typically in passive mode for tagging purposes. While it is a huge help for hospitals, from a connected medical device perspective, the risks tend to be lower, but not zero. For example, in 2019, Android devices had an NFC vulnerability that exposed the devices to malware attacks and, worse, privilege escalation (which means anyone can do almost anything to the device).29 In most settings this is not a huge risk, but if you had a device that uses NFC, that could be a risk to all the other systems the device was connected to. In some environments, this includes protected health information.