Gurucul announced the increasing use of Gurucul Risk Analytics by healthcare organizations to protect medical devices from external attacks, insider threats and equipment malfunctions. By monitoring the behavior of medical devices using advanced analytics, Gurucul detects anomalies associated with security risks that can threaten patient safety.
Within the next five years, 44 percent of 237 medical technology companies surveyed by Deloitte predict that all of their devices will be connected through IoT. This shift is creating a dangerous new attack surface. On Oct. 2 the U.S. Food and Drug Administration (FDA) issued a safety alert warning of cybersecurity vulnerabilities known as URGENT/11, that if exploited by a remote attacker, could pose safety and security risks for connected medical devices and hospital networks.
“Despite the growing threat to medical devices and the fact that the FDA has published guidance on best practices for managing their security risks, most large U.S. healthcare providers still lack a documented strategy for protecting them,” said Saryu Nayyar, CEO of Gurucul. “Our ability to monitor the behavior of thousands of medical devices and detect when they deviate from their baselines using analytics provides unmatched visibility, automation and control.”
Medical devices are generally designed to do one thing. Whenever they vary from that action, it’s usually because they have been compromised or are malfunctioning. Gurucul Risk Analytics (GRA) baselines device behaviors, so it can detect when there is an anomaly. It can identify the behavior patterns of medical devices, just as it looks at human behavior patterns.
Gurucul Risk Analytics ingests massive amounts of data to enable organizations to monitor an unlimited number of devices/entities across the network, including IoT patient health sensors and machines, security cameras, baby cameras that parents can access from outside the hospital network, and more. It automatically creates a behavior baseline for all entities, and constantly monitors them for deviations in volume, activity, time, place, actions, etc. This allows for highly accurate detection of anomalies indicative of unauthorized access, unintended changes and malfunctions before damage occurs.
Gurucul also monitors medical devices that are turned on/off intermittently, not just their IP address, and even captures new devices, which may or may not have been formally registered through the IT/security department. This bridges the gap in time where devices are introduced and not yet registered and managed under IT security, closing an avenue for exploits and insider threats.