Endpoint Security , Governance & Risk Management , Internet of Things Security
Evolving Threats Facing Robotic and Other Medical Gear
Kevin Fu of Northeastern University on Latest Medical Device Cyber ChallengesRobotic medical devices, such as surgical equipment, offer tremendous potential to improve patient care, but the cyber risks associated with these technologies must be carefully addressed and mitigated, said Kevin Fu, a professor and director of the Archimedes Center for Health Care and Medical Device Cybersecurity, Northeastern University.
"Robotic surgery and the use of robots in healthcare is really important for helping patients to lead more normal and healthy lives. But we can't simply give lip service to cybersecurity," he said.
Security threats "are no longer kids in the basement just trying to have tomfoolery," he said. "These are nation-state-backed and organized crime that are financially or politically motivated to cause mayhem.
"It doesn't take a whole lot of science fiction thinking to already imagine what could possibly go wrong," Fu said.
"A robot doing surgery moving in the wrong direction, or even something more simple, such as a robot becoming unavailable in the middle of a procedure because of some kind of cybersecurity threat," he said.
That might include "ransomware that brings down the cloud that the robot is connected to, or a piece of malware that causes some of the software to behave outside of what it should be doing."
In this audio interview with Information Security Media Group (see audio link below photo), Fu also discussed:
- Important Food and Drug Administration developments involving the agency's enhanced regulatory authority over medical device cybersecurity;
- The significance of the Federal Communications Commission's proposed U.S. Cyber Trust Mark program for certain internet of things and smart devices, including consumer wearable health and fitness devices;
- Cybersecurity and other related risks involving medical devices enabled by artificial intelligence and machine learning;
- How a significant cyberattack - such as the one on Change Healthcare - could potentially cause widespread disruption and outages involving remote monitoring and telehealth devices;
- Ransomware attacks and the many ways they can potentially affect medical devices;
- Critical medical device cybersecurity issues slated for discussion at an upcoming conference and workshop in New Orleans hosted by the Archimedes Center for Health Care and Medical Device Cybersecurity at Northeastern University.
Fu is a professor of electrical and computer engineering at Northeastern University. He recently served as acting director of medical device cybersecurity at the FDA's Center for Devices and Radiological Health and program director for cybersecurity at the Digital Health Center of Excellence. Prior to that, Fu was an associate professor at the University of Michigan, where he founded its center for healthcare and device security. He is co-founder of healthcare cybersecurity vendor Virta Labs.