How vulnerable are digital hospital systems to security attacks?
Frosch: You can’t generalize it because you also don’t want to step on anyone’s toes. The debate revolves around the idea of an external attack. However, sometimes it might only be a tiny step to go from an external attack to one that is committed by an insider. “External” might mean that an invader gains or buys remote desktop access. And just like that, an external attack has become an internal attack. The impact is the same if a nurse, hospital attendant, doctor, or system administrator opens a well-made, yet malicious email, for example. Securing the hospital network perimeter is simply not enough. Being tough on the outside is great, but you shouldn’t be soft on the inside.
Our responsibility as an IT service provider is to build cyber defense capabilities because an attack is likely to happen. As a result, the internal infrastructure must be stronger. This specifically applies to medical devices, such as a CT scan machine. Repair technicians service the machine every six months or so. Generally, endpoint protection for the devices will be updated and operating system security patches will be imported. Useful for comparison: updates to endpoint protection are typically made every one to eight hours, and operating system security patches are updated on a monthly basis as a minimum. Although every system should be a hard target regardless of how deep it is located in the infrastructure, it is apparent that you have to defend it differently - there is not just one network perimeter, there are many of them, and you have to protect each one of them.
Let’s assume there has been a successful cyber attack on a hospital network. What is the first step that people in charge should take?
Frosch: Consult a security expert. Even an incident that was caught immediately is still a security incident. An expert needs to assess whether it can be caught immediately or if there is further impact. Quick, right decisions and actions are crucial in this setting.
How can functional safety be restored in this case?
Frosch: It takes hard work. It is essential to detect an incident, assess it appropriately and respond accordingly. The issue and its cause must be totally eliminated. If that doesn’t happen, you might have repeated incidents. Nobody wants that, but there have already been instances in some hospitals.
As the leading trade fair for medical technology, why is MEDICA also the right platform for you, since you are actually not directly part of this industry sector?
Frosch: We are a producer and service provider that primarily services the German market and is engaged in the healthcare sector. MEDICA is Germany’s major trade fair for medical technology. The best way to reach your target audience is to meet them where they feel at home.