Armis Recognized as a Leader in Connected Medical Device Security Evaluation
We are ecstatic that Armis has been named a Leader in The Forrester New Wave™: Connected Medical Device Security Q2 2020 report. Forrester has ranked the top providers in this emerging market. According to Forrester’s evaluation, Armis offers a comprehensive medical and enterprise IoT security solution, combining threat prevention and detection for the broadest ranges of devices, as well as an extensive device identification capabilities and threat research/analysis for complete device protection.
Connected Medical Device Security Is Critical
Today’s hospitals and clinics are experiencing tremendous growth in the number of new connected medical devices connecting to their networks. All these devices – infusion pumps, MRI machines, heart monitors, X-Ray machines and more – are designed specifically to help doctors, nurses, and clinicians deliver faster, higher quality care. Unfortunately, as they connect to the network, they also create an expanded attack surface that most healthcare delivery organizations have challenges addressing. This problem is particularly acute given the rash of recent cyberattacks targeting hospitals and other institutions providing critical care, even as they grapple with addressing the needs of their patients during the current pandemic. The situation has even spurred international leaders from around the globe to call for governmental actions to prevent and stop cyberattacks that target hospitals. Over the last few months, we have seen an increase in ransomware attacks. Seeing and stopping those exposures and attacks is core to our mission.
Learn more: Read about how Armis secures connected medical devices.
The Medical Device Security Exposure
The primary challenge here is that these connected medical devices are difficult, if not impossible to secure. Why? Because they all share some common characteristics. Specifically, they can’t take a traditional security agent, are hard to update, and can’t be seen or managed by most security products. Malicious actors know this and can look to exploit any vulnerabilities that may exist. As an example, just last summer, Armis researchers discovered and disclosed URGENT/11 – 11 zero-day vulnerabilities impacting at least six real-time operating systems (RTOS) putting millions of medical devices at risk. Armis even demonstrated how such a patient monitor could be exploited.
This effort prompted the U.S. Food and Drug Administration (FDA) to issue a communication to highlight that: “These vulnerabilities may allow anyone to remotely take control of the medical device and change its function, cause denial of service, or cause information leaks or logical flaws, which may prevent device function.” Some medical device manufacturers, like Spacelabs, developed and issued updates. Others did not, opting to recommend other mitigation methods.
The research further demonstrates that connected medical devices running these RTOS need to receive the same level of scrutiny as other more traditional devices running Windows, MacOS, iOS, Android or Linux.
So How Can Healthcare Delivery Organizations Respond?
As with all good cybersecurity programs, it starts with knowing what you have. For most healthcare providers, discovering all the devices you have and where they are located can be challenging, so it is essential to be able to identify and classify every device in your environment – medical or otherwise. While there are vulnerabilities that exist in connected medical devices, they are not the only things hospitals need to worry about. The business of delivering care involves scores of other connected devices like laptops and smartphones to new smart devices like smart TVs, IP phones, printers, building control systems like HVAC and elevator controllers as well. All these devices help make healthcare delivery more safe & efficient, but are just as vulnerable, often share the same networks, and are points of attack by bad actors. So all devices in the healthcare environment need to be managed and secured.
What Healthcare Delivery Organizations Need to Do
It is essential for IT, Security and Clinical Engineering teams to work in conjunction to address this growing issue. The best defense is for healthcare organizations to gain visibility into all of the devices on their network – medical or otherwise – and monitor their behavior to look for known vulnerabilities and active threats. Armis was purpose-built to solve these challenges by:
- Identifying any device in hospital environments
- Monitoring their behavior for risks and threats
- Automatically responding when it detects suspicious or malicious devices or activity.
Leading with Agentless
In a world of medical and unmanaged devices that can’t take an agent or be scanned, an agentless and passive approach is the most sound. And given the importance of every medical professional, hospital, and clinic these days, it is an absolute honor to be recognized by Forrester as a leader in this emerging category. According to the evaluation, the Armis Agentless Device Security Platform combines threat prevention and detection for the broadest ranges of devices and offers insight into medical device protocols like HL7, HLE, and DICOM. The report also cited that Armis is best for companies seeking a security solution for clinical engineering and IT, which is useful for healthcare providers who want a security solution that can bridge the divide between IT and clinical engineering security teams.