Almost any sort of device or infrastructure, be it physical or digital, has a threat landscape that attackers can exploit. This is especially true for medical devices. Medical devices can have widely varying functionality that hackers can take advantage of. The consequences can be massive when a critical device fails, such as an unsecured life support machine. Due to the high risk involved, greater care must be taken when addressing potential threats against a medical device.
Mapping the Threat Landscape
The first main question to be addressed when securing any device is, “What is there to attack?” The answer can include both physical and digital components, such as various interface ports or software running on the device. During the testing of a medical device, the tester and manufacturers need to work closely together so that the tester fully understands everything happening inside the device. This allows a clearer picture of what could go wrong to start forming in the tester’s mind.
Once the tester knows what lies in or on the device, the next step is to think of attacks that can occur for each component. This step, threat modeling, is vital to comprehensive security. More than anything else, the tester’s experience and knowledge of modern techniques will come into play here. Hacking techniques evolve rapidly; keeping up with the cat-and-mouse game of offensive strategies and defenses can be very time-consuming.
Cutting-edge devices will often have very new and unique functionality. This allows new treatments and devices to push the limits of what was previously thought possible but may open up new avenues for attackers. Crafting accurate threat models for such unique components can take creative thinking. This is another area where fully understanding the device can help in anticipating these specialized attacks and eventually working toward remediation.
Even using common functionalities or components frequently seen elsewhere can open up new attacks. If these components are used in rarely seen combinations, it may be possible to abuse their intended functionality. Testers and manufacturers need to keep this in mind when mapping out how components interact with each other. The larger and more complex the device, the more complex these potential attacks can be.
Addressing Attacks Before They Happen
The aim of mapping out potential attacks is to prevent them from happening in the first place. The effects of medical devices with critical vulnerabilities being sent for public use can be life-threatening, so it is vital to address these problems early on in the development process. Unfortunately, solutions can be difficult to craft. Security can be complex, and protecting a device without sacrificing functionality is often a challenge.
Yet again, collaboration between the testers and developers greatly assists with this. Testers can apply their expertise to help find solutions to identified security vulnerabilities without compromising on critical functions. This can involve some back and forth between both parties to eventually find an appropriate solution. Proposed solutions must also be vetted for proper security, or they may just be reintroducing flaws into the system.
External software should have been identified and listed as part of the threat modeling process, with details relating to functions and versions. If this is done properly, the SOUP, or Software Of Unknown Provenance, can be tested for public vulnerabilities. These vulnerabilities may be more difficult to fix than others, since modifying commercial products can be difficult and is often impossible. Fixing these problems will often require looking for a different product version that performs the same function or a new product altogether.
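The SOUP check described above can be automated once the inventory records exact versions. The following is an added example, not code from the original article: the component names, versions, and advisory IDs are constructed placeholders, and the advisory list stands in for whatever public vulnerability source the team uses.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class SoupItem:
    name: str
    version: str      # exact version shipped in the device
    function: str     # what the component does inside the device

@dataclass(frozen=True)
class Advisory:
    advisory_id: str
    component: str
    introduced: str         # first affected version (inclusive)
    fixed: Optional[str]    # first fixed version (exclusive); None = no fix published

def parse_version(text):
    """'1.10.2' -> (1, 10, 2), so 1.10 sorts after 1.9 (string comparison gets this wrong)."""
    return tuple(int(part) for part in text.split("."))

def check_inventory(inventory, advisories):
    """Return (item, advisory, remediation) for each SOUP item inside an affected range."""
    findings = []
    for item in inventory:
        current = parse_version(item.version)
        for adv in advisories:
            if adv.component != item.name or current < parse_version(adv.introduced):
                continue
            if adv.fixed is not None and current >= parse_version(adv.fixed):
                continue  # already on a fixed version
            remediation = (f"move to {adv.fixed} or later" if adv.fixed
                           else "no fixed version: evaluate a replacement component")
            findings.append((item, adv, remediation))
    return findings

# Constructed sample data: names, versions and advisory IDs are placeholders.
INVENTORY = [
    SoupItem("example-rtos", "4.10.1", "task scheduling"),
    SoupItem("example-tls", "1.9.3", "encrypted telemetry"),
    SoupItem("example-ble-stack", "2.0.0", "wireless pairing"),
]
ADVISORIES = [
    Advisory("ADV-PLACEHOLDER-1", "example-rtos", "4.2.0", "4.9.0"),
    Advisory("ADV-PLACEHOLDER-2", "example-tls", "1.0.0", "1.10.0"),
    Advisory("ADV-PLACEHOLDER-3", "example-ble-stack", "1.5.0", None),
]

if __name__ == "__main__":
    for item, adv, fix in check_inventory(INVENTORY, ADVISORIES):
        print(f"{item.name} {item.version} ({item.function}): {adv.advisory_id} -> {fix}")
```

Comparing versions as plain strings would wrongly flag the RTOS at 4.10.1 and miss the TLS library at 1.9.3, which is why the inventory needs exact, parseable versions.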
Solutions can be a lot more customized in home-brewed components since the development team is directly in control of modifying vulnerable components. Testers will want to review vulnerable code snippets to see what insecure practices are in place before recommending modifications that allow for greater security. There can be a lot of flexibility here, as there can often be several ways to mitigate a vulnerability.
Secure Your Medical Devices With Blue Goat Cyber
The team at Blue Goat Cyber can work with you through each step of the security process and streamline the preparation of your device for public release. Proper security is both a good practice and mandatory according to FDA regulations. We can help you navigate the latest FDA requirements and reduce the time your device needs to get to market. Contact us today to schedule a discovery session.